Official breaking grad Discussion

Official discussion thread for breaking grad. Please do not post any spoilers or big hints.


  • First Comment :smiley:

  • Any hints, i'm just able to get "Pass" message

  • Stuck on passed right now

  • solved, nice challnge! If someone need help just PM me :smile:


  • edited July 3

    also liked this challenge, thanks to the @makelarisjr and @makelaris for submitting.

  • Type your comment> @blackv0x45 said:

    Any hints, i'm just able to get "Pass" message

    Me too. Any help please?? Thanks

  • Also was able to get the 'Passed' message.

    Thinking in two different ways no, to get the flag content.
    1) Trying to do a bash injection, with the error you get when you call /d****/r**
    2) Passing a JS-function to the isO**** function.

    Am I on the right track?
    Any nudge would be helpful

  • azaaza
    edited July 18

    My IP got banned, am I on the right track?
    Looks like m****y l**k is a rabit hole, still going at it.

  • Any hint for this one? I'm no able to figure out how to progress with it.
    /debug commands seams to be rabbit holes, so I'm trying to exploit deserialization into JSON.stringify.

    I'm thinking that I wasn't able to get the conn back due to my local restrictions on my mobile internet connection, seems that the iPhone is not rutting from shared conn to computer on netcat commands.

    If someone can confirm to me that this is the correct path it will be appreciated.


  • Thanks authors, I'm really enjoyed this one! Simple hint for the others: "Inheritance is the key".

  • edited September 10
    I think overwriting the __*****__ property is the right way, but i don't really get how to do it since every time i try to change it, it ends to merge it as a simple property and not as __*****__.
  • Type your comment> @p4w16 said:

    solved, nice challnge! If someone need help just PM me :smile:

    I'd love to receive some help, but HTB will not let me send messages until certain rank is achieved. Could anyone drop the hints here please?

  • "RangeError: Maximum call stack size exceeded" is that what i am supposed to get?

Sign In to comment.