https://craizy.dev/tags/web/ Recent content in Web on crAIzy.dev https://craizy.dev/img/htb-default.png https://craizy.dev/ Hugo en Tue, 28 Apr 2026 20:10:00 +0300 https://craizy.dev/writeups/ignition/ Tue, 28 Apr 2026 20:10:00 +0300 crAIzy https://craizy.dev/writeups/ignition/ Walkthrough of Ignition — Magento 2.4-dev admin panel with default credentials qwerty123, demonstrating virtual host discovery and admin panel enumeration. https://craizy.dev/writeups/crocodile/ Tue, 28 Apr 2026 15:43:00 +0300 crAIzy https://craizy.dev/writeups/crocodile/ Walkthrough of Crocodile — anonymous FTP exposes credential files that unlock a web admin panel on port 80, combining two services into one attack chain. https://craizy.dev/writeups/appointment/ Tue, 28 Apr 2026 14:30:00 +0300 crAIzy https://craizy.dev/writeups/appointment/ Walkthrough of Appointment — SQL injection in a login form bypasses authentication and exposes the flag, with sqlmap extraction of the underlying database schema. https://craizy.dev/writeups/preignition/ Mon, 27 Apr 2026 16:27:00 +0300 crAIzy https://craizy.dev/writeups/preignition/ Walkthrough of Preignition — directory fuzzing finds a hidden admin.php login page, default credentials admin:admin grant access and expose the flag.