Official Phonebook Discussion

1235»

Comments

  • Error EOF in pag s*****
    help

  • Got past the log in page. No idea what to do next....any help?

  • Type your comment> @rancilio said:

    Got past the log in page. No idea what to do next....any help?

    check how did you pass the login then try to guess username and password

  • Spoiler Removed

  • Will brutefore or xss will help in this

  • i have found another page with a search field but it shows nothing

  • Spoiler Removed

  • @annomy said:

    try this out

    This challenge is still active. It is a breach of HTB's Terms of Use to publish walkthroughs of active challenges/boxes.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • I was able to query the phonebook, but I'm a little stumped on what the next step is here?

  • Type your comment> @davissp14 said:

    I was able to query the phonebook, but I'm a little stumped on what the next step is here?

    As am i. It'd be a lot easier to have an end goal of where i might find the flag.. Is the page after login relevant at all?

  • Type your comment> @Mattigins said:

    Type your comment> @davissp14 said:

    I was able to query the phonebook, but I'm a little stumped on what the next step is here?

    As am i. It'd be a lot easier to have an end goal of where i might find the flag.. Is the page after login relevant at all?

    Nope,

    Can be useful for verifying a user, but not really.

    See what you have and what you can do with it. Maybe a little scripting can help you further

  • someone dm some hint first page give me nothing second return 4xx

  • Type your comment> @scr1pti3 said:

    Type your comment> @bander said:

    Type your comment> @scr1pti3 said:

    Type your comment> @bander said:

    Hey, I just passed login page and got the whole phonebook, but i can't retrieve the flag from it, any hints?

    can you dm me how you passed the login page?

    Hint: Just Focus Special Characters

    I managed to bypass the login... But I don't get why. why does that special characters work, can you dm me an explanation.

    I managed to get past the login as a complete fluke. Would love a DM that explains how/why that works...

  • Finally, done. Had a good chuckle when it finally clicked. Overthinking really was the enemy.

  • Finally done and it's so painfully obvious once you know the answer. I felt I broke down the door and rushed to rake the house for the treasure, when all this time, the treasure was in the shape of the key that unlocks the door.

    Focus on how you broke through the login page and what information you can obtain using that same method.

    I ended up writing a small program, to help me.

  • Lost so much time overthinking it hahha. Good challenge !

  • I need help. I am stuck at the login page. Can someone DM me a hint?

  • I need help. I am stuck at the login page. Can someone DM me a hint?

  • Hi,
    If someone could DM me, I've got few questions
    Thanks

  • This one has had me stumped for a week...

  • Sadly I am stuck at this one as well. Up to now I have:

    • found the s***** page, stuck with the 4** response, tried some bypassing stuff but no luck.
    • found certain chars that trip up the l**** page, but wasn't able to get something out of it.
    • tried some x** at the l**** page, seems not so useful

    I have only recently start CTF and really could use a nudge in the right direction, can someone with more experience DM me?

  • edited February 17

    "oh my i am still stuck at the login page can someone give me hint? i figured it out we should do something with special characters but idk what should i use"
    update : i get the user but now stuck at the privesc i know what should i do but idk what should i search :(

Sign In to comment.