Analyze the given code and logs to find answers that correspond to the given questions.

This is an exercise in Client Side Template Injection.

Flags can be obtained by writing CSP according to the conditions required by the question.

This service implements Session Login. Use the Deserialize vulnerability in Python (pickle) to obtain flags. The flags are in flag.txt or the FLAG variable.

This is a login service. Get a flag through the SQL INJECTION vulnerability!

Patched issue with SQL Injection Bypass WAF.

A service with a login function written in python. Obtain a flag by logging in as a user with “admin” rights.

This is an HTML page that inputs data into an input form and outputs a flag if it is correct and a flag if it is wrong. NOP ! Analyze the main function to find the correct input values!

Read the flag file XD

This is an image viewer service written in Flask. Use SSRF vulnerabilities to obtain flags. The flag is /app/flag.txt located at.