Official Phonebook Discussion

124

Comments

  • I got the phone book and can't understand what to do now

  • stuck on the s***** page, can someone help me out with a pm?

  • Can someone DM me a hint. Found s***** , but 4**.

  • I'm still stuck at the login page. I understand that I have to figure out what's going on behind what I see but I can't arrive to a way to figure that out.

  • Nice challenge, I learned a new technique. If you have found second page, look what is going on in the back, you may want to search some characters in google. Feel free to DM me for nudge :smile:

  • @JinKin thanks for the hint. Knowing the backend and login page is enough.

  • Can someone give me a nudge, please? I'm stuck on the login page, I notice the xss but that's it.

  • can someone give me a nudge pls

  • @vajkdry said:
    Just think about what might be behind what you see, and think about how it works. This should be enough for this challenge!

    can you give me a nudge pls

  • i'm entirely stuck on this one. Anyone available to chat?

  • Hi. I'm all stuck too. Anyone that I can DM ? Thanks.

  • Hey, I just passed login page and got the whole phonebook, but i can't retrieve the flag from it, any hints?

  • Type your comment> @bander said:

    Hey, I just passed login page and got the whole phonebook, but i can't retrieve the flag from it, any hints?

    can you dm me how you passed the login page?

  • Type your comment> @scr1pti3 said:

    Type your comment> @bander said:

    Hey, I just passed login page and got the whole phonebook, but i can't retrieve the flag from it, any hints?

    can you dm me how you passed the login page?

    Hint: Just Focus Special Characters

  • Type your comment> @bander said:

    Type your comment> @scr1pti3 said:

    Type your comment> @bander said:

    Hey, I just passed login page and got the whole phonebook, but i can't retrieve the flag from it, any hints?

    can you dm me how you passed the login page?

    Hint: Just Focus Special Characters

    I managed to bypass the login... But I don't get why. why does that special characters work, can you dm me an explanation.

  • Finally got it. I wouldn't say it's easy.
    Feel free to DM for nudges.

    Thanks, HTB and to the creator.

  • can someone help me with the login page i know i have to use xss to bypass it. But i dont know much about xss. so any help would be great

  • Type your comment> @crownslay said:

    can someone help me with the login page i know i have to use xss to bypass it. But i dont know much about xss. so any help would be great

    it's not related with XSS

  • @scr1pti3 said:

    I managed to bypass the login... But I don't get why. why does that special characters work, can you dm me an explanation.

    Read about l**p

  • Hi,I'm new on the plateforme, can someone help me to understand where i have to look for this challenge please :smile:

  • Hi can anyone help me? All day in this challenge and nothing y dont have anything except x** in main page. I made multiple common attacks but nothing.

    Pd. I speak english and spanis

  • Help, please give some hint.

  • Type your comment> @LaxusSlayer said:

    Hi can anyone help me? All day in this challenge and nothing y dont have anything except x** in main page. I made multiple common attacks but nothing.

    Pd. I speak english and spanis

    i don't know if it can help you but have you find the second page ?

  • done
    nice one!

  • Looking for hints im stuck step bro

  • Finally pwend. Take me a lot of time due a didn't know the main topics about this challenge. I think they have much what is commonly called dissociative controls in information security. Each control (for mean it a way ) took me two or four hours. I think that overthink, but Its worthy because learn a lot of topics a new concepts and upgrade my arsenal.

  • Type your comment> @bander said:

    @scr1pti3 said:

    I managed to bypass the login... But I don't get why. why does that special characters work, can you dm me an explanation.

    Read about l**p

    Hola mate, could you give me a hint what that short stands for, having trouble to understand the reason behind that special marks.

  • Hi,

    Completely stuck with this one.

    I have a loginpage and a seccond page. And the same pages in a different directory.

    at the end point of the X request I keep getting a forbidden. Already played with the headers etc. But unfortunately nothing at all. Is a successful login a must or is the bypass sufficient?

    I would like to receive a tip in the right direction. The tips already given are confusing rather than enlightening

  • the whole challenge is related only with first page, just try to bypass login page by injection and try to guess the password

  • edited December 2020

    I need help. I am stuck at the login page

    Can someone DM me instructions? I am new at this

Sign In to comment.