Search for a command to run...
Prologue GiveWP is one of the popular wordpress plugins to handle fundraising and donation with 100k+ installation. This plugin has main features like setting up donation forms, viewing details of donations/donors and generating a report. There is al...
![[Arkavidia 7.0 CTF Writeup] Arkavidia Atlas](/_next/image?url=https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1657866411494%2Ff2sP0m0zo.jpg&w=3840&q=75)
Chall Description Initial Foothold When first visit the webpage, we get this view of some sort of maps : There is something interesting on the source page and on the JS files : view-source:http://slave2.ctf.arkavidia.id:10021/ <!doctype html> ...
![[Tokopedia] Site-Wide CSRF Through Graphql Request](/_next/image?url=https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1657865301596%2F9tSe5_1Z4.jpg&w=3840&q=75)
What is Cross Site Request Forgery ? Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target state-changing re...