Test

README.md

@@ -1,3 +1,5 @@
 # CySCA 2018
 
 A collection of notes and solutions for CySCA 2018 from team UTS and [UTS Cyber Security Society](http://facebook.com/utscsec). This project encourages all pull requests. 
+
+[CySCA18 Scoreboard](https://www.cyberchallenge.com.au/2018/scoreboard/index.html)

web-app-pentest/double_agent[36pts].md

@@ -1,8 +1,6 @@
 ## Double Agent [36 pts]
 > On the Internet, nobody knows you're a dog.
 
-**Write-up**
-
 - challenge name insinuates that you have to impersonate someone, or something;
 - reading through the chat with John reveals that you can only view certain sections of the website with the browser `BOBDev` that isn’t version `1.3`;
 - this hint is emphasised by visiting `/config` where is displays the error that the page “is incompatible with your browser”;

web-app-pentest/keep_it_secret[244pts].md

@@ -15,4 +15,4 @@
 
 config gives you:
 
-    ```debug = <Config {'JSONIFY_PRETTYPRINT_REGULAR': False, 'SERVER_NAME': None, 'JSON_AS_ASCII': True, 'SESSION_REFRESH_EACH_REQUEST': True, 'SESSION_COOKIE_PATH': None, 'ENV': 'production', 'SECRET_KEY': 'secret', 'MAX_CONTENT_LENGTH': None, 'SESSION_COOKIE_DOMAIN': False, 'PREFERRED_URL_SCHEME': 'http', 'USE_X_SENDFILE': False, 'TRAP_HTTP_EXCEPTIONS': False, 'SESSION_COOKIE_NAME': 'session', 'BASE_DIR': '/opt/cysca-web', 'DEBUG': True, 'PROPAGATE_EXCEPTIONS': None, 'SQLALCHEMY_DATABASE_URI': 'sqlite:////opt/cysca-web/app.db', 'SESSION_COOKIE_SECURE': False, 'PRESERVE_CONTEXT_ON_EXCEPTION': None, 'SESSION_COOKIE_HTTPONLY': True, 'CSRF_SESSION_KEY': 'secret', 'TRAP_BAD_REQUEST_ERRORS': None, 'EXPLAIN_TEMPLATE_LOADING': False, 'APPLICATION_ROOT': '/', 'JSONIFY_MIMETYPE': 'application/json', 'THREADS_PER_PAGE': 2, 'PERMANENT_SESSION_LIFETIME': datetime.timedelta(31), 'TESTING': False, 'SESSION_COOKIE_SAMESITE': None, 'DATABASE_CONNECT_OPTIONS': {}, 'JSON_SORT_KEYS': True, 'CSRF_ENABLED': True, 'TEMPLATES_AUTO_RELOAD': None, 'SEND_FILE_MAX_AGE_DEFAULT': datetime.timedelta(0, 43200), 'MAX_COOKIE_SIZE': 4093}>```
+`debug = <Config {'JSONIFY_PRETTYPRINT_REGULAR': False, 'SERVER_NAME': None, 'JSON_AS_ASCII': True, 'SESSION_REFRESH_EACH_REQUEST': True, 'SESSION_COOKIE_PATH': None, 'ENV': 'production', 'SECRET_KEY': 'secret', 'MAX_CONTENT_LENGTH': None, 'SESSION_COOKIE_DOMAIN': False, 'PREFERRED_URL_SCHEME': 'http', 'USE_X_SENDFILE': False, 'TRAP_HTTP_EXCEPTIONS': False, 'SESSION_COOKIE_NAME': 'session', 'BASE_DIR': '/opt/cysca-web', 'DEBUG': True, 'PROPAGATE_EXCEPTIONS': None, 'SQLALCHEMY_DATABASE_URI': 'sqlite:////opt/cysca-web/app.db', 'SESSION_COOKIE_SECURE': False, 'PRESERVE_CONTEXT_ON_EXCEPTION': None, 'SESSION_COOKIE_HTTPONLY': True, 'CSRF_SESSION_KEY': 'secret', 'TRAP_BAD_REQUEST_ERRORS': None, 'EXPLAIN_TEMPLATE_LOADING': False, 'APPLICATION_ROOT': '/', 'JSONIFY_MIMETYPE': 'application/json', 'THREADS_PER_PAGE': 2, 'PERMANENT_SESSION_LIFETIME': datetime.timedelta(31), 'TESTING': False, 'SESSION_COOKIE_SAMESITE': None, 'DATABASE_CONNECT_OPTIONS': {}, 'JSON_SORT_KEYS': True, 'CSRF_ENABLED': True, 'TEMPLATES_AUTO_RELOAD': None, 'SEND_FILE_MAX_AGE_DEFAULT': datetime.timedelta(0, 43200), 'MAX_COOKIE_SIZE': 4093}>`