tanguy.sergent2025

4th place

23250 points

Solves

Challenge	Category	Value
Unsigned JWT	Vulnerable Components	1000
Forged Signed JWT	Vulnerable Components	1350
SSRF	Broken Access Control	1350
Reset Morty's Password	Broken Anti Automation	1000
Multiple Likes	Broken Anti Automation	1350
Arbitrary File Write	Vulnerable Components	1350
Memory Bomb	Insecure Deserialization	1000
Deprecated Interface	Security Misconfiguration	250
Successful RCE DoS	Insecure Deserialization	1350
Blocked RCE DoS	Insecure Deserialization	1000
Steganography	Security through Obscurity	700
Blockchain Hype	Security through Obscurity	1000
Kill Chatbot	Vulnerable Components	1000
Forgotten Sales Backup	Sensitive Data Exposure	700
Forged Coupon	Cryptographic Issues	1350
Bjoern's Favorite Pet	Broken Authentication	450
Poison Null Byte	Improper Input Validation	700
Easter Egg	Broken Access Control	700
Nested Easter Egg	Cryptographic Issues	700
Exposed Metrics	Observability Failures	100
Score Board	Miscellaneous	100
Outdated Allowlist	Unvalidated Redirects	100
Imaginary Challenge	Cryptographic Issues	1350
Deluxe Fraud	Improper Input Validation	450
Visual Geo Stalking	Sensitive Data Exposure	250
Meta Geo Stalking	Sensitive Data Exposure	250
Zero Stars	Improper Input Validation	100
Reflected XSS	XSS	250
Privacy Policy	Miscellaneous	100
Five-Star Feedback	Broken Access Control	250
Admin Section	Broken Access Control	250
Empty User Registration	Improper Input Validation	250
Repetitive Registration	Improper Input Validation	100
Admin Registration	Improper Input Validation	450
Bully Chatbot	Miscellaneous	100
Bonus Payload	XSS	100
DOM XSS	XSS	100
Confidential Document	Sensitive Data Exposure	100
Error Handling	Security Misconfiguration	100
Web3 Sandbox	Broken Access Control	100