Hey, I am kinda stuck after using the s****p tool. I found the hash and login page. Not to sure what people refer to when saying the certain tool can be used for other purposes. I have looked at the -h menu. Nothing really stood out.
I've recently started the FreeLancer challenge, and I am stuck at hashed password, can someone PM me and point me to the right direction.
Looking forward to your response.
I hated this challenge until I solved it, now I'm glad I did. Biiiiig brain boosting from this one. Best hint I can give is to RTFM about the "tool" and the server itself, feel free to PM for nudges
I can't get any results with the tool. Getting only error that parameter can't be injected. Could somebody help and tell me what I am doing wrong?
I will be very grateful!
A some hints for noobs like me
1. Read source code (before using dirb). You will find something interesting. This is your key. Now you need a keyhole.
2. To find the keyhole you need dirb (etc)
3. You have to insert the key into the keyhole with the tool everyone is talking about. To do this, you must use the TOOL, but not in the way that noobs like me USUALLY use it. It is necessary to carefully study the additional features of the TOOL (for this, one letter "H" is not enough).
Got the flag. Almost reached to the last stage, but got stuck on how to read source code of website. Research on google gave some hints and got the flag.
My hints:
1. Read page source carefully
2. Dirb
3.From particular page, you can extract data using tool or manually (I did with both)
4. (This step is very important learning from me.) How can you work with files using hint number 3.
5. If you got the 4 then i think you will get the flag.
Can anyone check if the challenge is good? I've been meddling with the p********, still got no luck with manual method or s******. Got no response with the page.
Is the challenge broken? I've tried for very long without any luck.
Gave up and found both a write-up as well as a youtube video, both of which show functionality within the p********.*** file that i cant be replicated.
and the s***** tool that everyone is talking about is unable to figure out anything using that file, as people are hinting it should be able to in the here in the forum as well as in the video/walkthrough i found.
After much pain and suffering i have come to the conclusion that it must be broken. I also had problems with the Cartographer challenge and if i am not mistaken the ezpz challenge can not be reached
Is the challenge broken? I've tried for very long without any luck.
Gave up and found both a write-up as well as a youtube video, both of which show functionality within the p********.*** file that i cant be replicated.
and the s***** tool that everyone is talking about is unable to figure out anything using that file, as people are hinting it should be able to in the here in the forum as well as in the video/walkthrough i found.
Is the challenge broken? I've tried for very long without any luck.
Gave up and found both a write-up as well as a youtube video, both of which show functionality within the p********.*** file that i cant be replicated.
and the s***** tool that everyone is talking about is unable to figure out anything using that file, as people are hinting it should be able to in the here in the forum as well as in the video/walkthrough i found.
Hello guys,
I'm trying to do the advanced stuff with "The tool" but "The tool"'s telling me that there are "no data retrieved".
Already google it, but I'm not finding anything useful.
Please, can anyone send me towards the right direction?
I got stuck on this one for longer than I liked. But it was because I didn't know about some of my options, and I wasn't paying enough attention. Thanks for the hints in the thread, they helped me get out of my rabbit holes. I think this challenge is pretty tricky because you can get stuck easily. But I learned so it's good
Hey there! I managed to display some hashed datas but I can't figure out how to access the login form. The hints say "read the source code" but even after I perfomed directory listing and had a look on each accessible file I can't find this login form ... Any hint on "how to read source code"?
Comments
Hi. I've used the s****p tool against the p*****o.**p file but cannot bypass the waf using the t****r scripts. Can anyone assist me?
Hey, I am kinda stuck after using the s****p tool. I found the hash and login page. Not to sure what people refer to when saying the certain tool can be used for other purposes. I have looked at the -h menu. Nothing really stood out.
wrong discuss..
Hello,
I've recently started the FreeLancer challenge, and I am stuck at hashed password, can someone PM me and point me to the right direction.
Looking forward to your response.
Sincerely,
HappyGuy.
I hated this challenge until I solved it, now I'm glad I did. Biiiiig brain boosting from this one. Best hint I can give is to RTFM about the "tool" and the server itself, feel free to PM for nudges
Aspiring Pen-Tester
Done, I like this challenge, something new learned
Reach me on Discord: n3b0r#2873
I can't get any results with the tool. Getting only error that parameter can't be injected. Could somebody help and tell me what I am doing wrong?
I will be very grateful!
Some hints for this:
A some hints for noobs like me
1. Read source code (before using dirb). You will find something interesting. This is your key. Now you need a keyhole.
2. To find the keyhole you need dirb (etc)
3. You have to insert the key into the keyhole with the tool everyone is talking about. To do this, you must use the TOOL, but not in the way that noobs like me USUALLY use it. It is necessary to carefully study the additional features of the TOOL (for this, one letter "H" is not enough).
i can't find login page... any hints?
And can someone PM me because I don't know what you guys mean with the TOOL
Should i try to upload some file on the server?
Got the flag. Almost reached to the last stage, but got stuck on how to read source code of website. Research on google gave some hints and got the flag.
My hints:
1. Read page source carefully
2. Dirb
3.From particular page, you can extract data using tool or manually (I did with both)
4. (This step is very important learning from me.) How can you work with files using hint number 3.
5. If you got the 4 then i think you will get the flag.
PM me for any assist.
Can anyone check if the challenge is good? I've been meddling with the p********, still got no luck with manual method or s******. Got no response with the page.
@urushichan I am seeing the same thing...
Is the challenge broken? I've tried for very long without any luck.
Gave up and found both a write-up as well as a youtube video, both of which show functionality within the p********.*** file that i cant be replicated.
and the s***** tool that everyone is talking about is unable to figure out anything using that file, as people are hinting it should be able to in the here in the forum as well as in the video/walkthrough i found.
any ideas?
@FailWhale Today the tool worked. Flag captured.
upd. Decided to try again. Does not work...bugs..
I get an error 500 Internal Server Error. What can it be connected with?
After much pain and suffering i have come to the conclusion that it must be broken. I also had problems with the Cartographer challenge and if i am not mistaken the ezpz challenge can not be reached
Same for me, Cartographer and Freelancer do not work the intended way. (parameter not injectable)
I am always happy to help, but please put some effort into your questions. I won't reply to "I am stuck on machine XXX" messages.
Type your comment> @FailWhale said:
Im having the same issue ?
Type your comment> @jamiechap said:
Same here, not working
[MelkyFB Github](https://melkyfb.github.io)
yeah, almost 3 hours trying with diff tools I was not able to break this challange
[MelkyFB Github](https://melkyfb.github.io)
Yup this challenge and also the Cartographer challenge seem to be broken
Just confirmed that the this challenge is working again.
Hello guys,
I'm trying to do the advanced stuff with "The tool" but "The tool"'s telling me that there are "no data retrieved".
Already google it, but I'm not finding anything useful.
Please, can anyone send me towards the right direction?
Thanks to @agentjones for the hint, finally got it!
Managed to get the flag without any tools, really nice challenge.
Can DM for hints but please tell me what you've already tried
I got stuck on this one for longer than I liked. But it was because I didn't know about some of my options, and I wasn't paying enough attention. Thanks for the hints in the thread, they helped me get out of my rabbit holes. I think this challenge is pretty tricky because you can get stuck easily. But I learned so it's good
Hey there! I managed to display some hashed datas but I can't figure out how to access the login form. The hints say "read the source code" but even after I perfomed directory listing and had a look on each accessible file I can't find this login form ... Any hint on "how to read source code"?
Completed. No hash cracking or logging in required for flag.