Holiday

I have got access to the web application but am not able to get the next entry point. Can anyone give me a hint? What to do after successfully logging in to the application?

Entry bruteforce or bypass? I have been trying both for days now.

@princeade said:
Entry bruteforce or bypass? I have been trying both for days now.

Navigate all pages and sometimes you will get a big hint in the source code.

All pages?? Hmm, it’s just a login page… will keep checking though.

@princeade said:
All pages?? Hmm, it’s just a login page… will keep checking though.

It’s the most common vulnerability for bypassing a login page.

This is weird, an sqlinj bypass leaked a username, but didn’t log me in? Hmmm…

@wolverine said:
This is weird, an sqlinj bypass leaked a username, but didn’t log me in? Hmmm…

Same here. Stuck at this very point.
Hints?

Guys, I cannot access the admin account, I injected him but cannot get his sid.

I am also stuck, because of the httpOnly flag …

Got the username and password for the web. What now :astonished: help :frowning:

I don’t want to be rude, but the only appropriate answer here seems to be: enumerate.
I think it’s fair to ask about “HOW” to do something … but “WHAT” …
If you don’t know what to do you just need to enumerate more.
Any other answer is just a spoiler, no?

Just need a direction, like is it SQL injectable or XSS injectable or something else to get a foothold on the system :slight_smile: not spoilers. Just need a big picture of what kind of vulnerability to get into the system.

@Linoge said:
Just need a direction, like is it SQL injectable or XSS injectable or something else to get a foothold on the system :slight_smile: not spoilers. Just need a big picture of what kind of vulnerability to get into the system.

Did you ever get it? I’m about to head into this machine.

Is it only for me that dirbuster doesn’t work?

Try to figure out what’s different. So why isn’t dirbuster working for you when a browser is?

@li0nheart said:
Try to figure out what’s different. So why isn’t dirbuster working for you when a browser is?

Yeah, I understood that, but I don’t know how to enumerate.

@MrRobotty said:

@li0nheart said:
Try to figure out what’s different. So why isn’t dirbuster working for you when a browser is?

Yeah, I understood that, but I don’t know how to enumerate.

I was able to do what I needed with Zap and some creativity to bypass this.

Can someone msg me in private a hint about how to enter what I need in the right place… I know the vector and what needs to be done but can’t modify the payload in a way to get what I need for admin.

Same here… a simple payload works, but I can’t get to the sid information I need. It’s so frustrating. I’ve been going over every avenue I can think of. A nudge in the right direction would be appreciated (pm).