Dark-packets/COMP2152_Term_Project

COMP2152 — Term Project: CTF Bug Bounty

Team Name

Team Dark Packets

Team Members

| Member | Vulnerability Found | Branch Name |
|---|---|---|
| Kamran Omar | Server-Side Request Forgery (SSRF) | kamran_webhook_vuln |
| Joe MacDonald | Internal Hostname Exposed in HTTP header | joemacdonald_server_version_exposed |
| Ogun Oluwateniola | Unlimited Login Attempts on login.0x10.cloud | teniogun_no_rate_limit |
| Eneiyavan Sivaganesan | Admin panel publicly accessible with exposed database password | eneiyavan_adminpanel |

Videos

Target

Important: Rate Limit

The server allows 10 requests per second per IP address. If you send requests too fast, you will get blocked (HTTP 429). Add a small delay between requests:

import time
time.sleep(0.15)  # wait 150ms between requests

Getting Started

  1. Look at the three example scripts:
    • example_http_check.py — checks if a site uses HTTPS (uses urllib)
    • example_port_check.py — checks if a port is open (uses socket)
    • example_header_check.py — reads HTTP response headers for info leaks (uses urllib)
  2. Run all examples: python3 main.py
  3. Create your own branch: git checkout -b your_vuln_name
  4. Write a Python script that finds and demonstrates a vulnerability
  5. Submit your finding at http://submit.0x10.cloud
  6. Merge your branch into master when done

Rules

  • Python standard library only: socket, urllib, ssl, json, base64, time. No pip packages.
  • Only scan *.0x10.cloud — do not scan any other domain.
  • Respect the rate limit — 10 requests/second max.
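
An added example (not code from this repository) that enforces the rate-limit delay and the scope rule above in one standard-library helper, so a script cannot send an out-of-scope request or keep sending after an HTTP 429. The names `in_scope`, `Throttle` and `polite_get`, the 1-second starting back-off and the retry count are assumptions.

```python
import time
import urllib.error
import urllib.request
from urllib.parse import urlsplit

SCOPE_SUFFIX = ".0x10.cloud"   # from the Rules: only *.0x10.cloud
MIN_INTERVAL = 0.15            # from the README: 150 ms between requests


def in_scope(url):
    """True only for http(s) URLs whose host is a subdomain of 0x10.cloud."""
    parts = urlsplit(url)
    # .hostname drops any "user@" prefix and the port, so look-alike URLs fail
    host = (parts.hostname or "").rstrip(".").lower()
    return parts.scheme in ("http", "https") and host.endswith(SCOPE_SUFFIX)


class Throttle:
    """Spaces calls at least `interval` seconds apart."""

    def __init__(self, interval=MIN_INTERVAL, clock=time.monotonic, sleep=time.sleep):
        self.interval, self.clock, self.sleep = interval, clock, sleep
        self.last = None

    def wait(self):
        if self.last is not None:
            remaining = self.interval - (self.clock() - self.last)
            if remaining > 0:
                self.sleep(remaining)
        self.last = self.clock()


def polite_get(url, throttle, opener=urllib.request.urlopen, retries=3):
    """GET `url`, refusing out-of-scope hosts and backing off on HTTP 429."""
    if not in_scope(url):
        raise ValueError(f"out of scope, not requested: {url}")
    backoff = 1.0  # assumed starting back-off; the README gives no value
    for attempt in range(retries + 1):
        throttle.wait()
        try:
            with opener(url, timeout=10) as resp:
                return resp.status, resp.read()
        except urllib.error.HTTPError as err:
            if err.code != 429 or attempt == retries:
                raise
            throttle.sleep(backoff)  # blocked: wait longer, then retry
            backoff *= 2
```

Share one `Throttle` instance across every request a script makes, so the spacing applies to the whole run rather than to each call site.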
