HDC | Web Challenge

Hey,
i'm quite new here and just solved the web challenge but i noticed some things that bothered me.
Firstly that you had to guess the email-address that seems kind of odd to me? Did i miss a hint?
And secondly i noticed that there was an other admin panel under the port 32768. I really wonder what it does or/and how to get access to it? "The hint is bruteforcing but i didn't tried it yet"

Comments

  • Hello Axon, regarding the other port, its just another user's instance. Nothing more for you to exploit.

    Ch4p

  • Thank you, i just noticed that the name is the name of an other challenge.

  • Ok bro so any hints here I was intercepting the response and trying basic bypass techniques but NADA any nudge in the right direction?

  • read the source. it is all there

  • gone through source page of HDC & challenge001 but didn't know how to proceed further..

    B0rN2R00T

  • look at the source page and digging in JavaScript files

    Hack The Box

  • edited May 2018

    found nothing interesting found maybe missing something obious

    B0rN2R00T

  • @B0rN2R00T said:
    found nothing interesting found maybe missing something obious

    as other said, look deeper in the JS files.
    if you do not find anything interesting you did not look well enough

  • Atlast i got it...........Even though it feels like spilling blood out of my eye's while looking depeer.
    For those who are still stuck at login page go through JS files and use colors to get clear look coz there's 99% chance you'll miss it when reading in monochrome style :)

    B0rN2R00T

  • I was able to send the email. And now?

    andremilke

  • @andremilke said:
    I was able to send the email. And now?

    I got it.

    andremilke

  • I Cannot understand where should i start...

  • edited May 2018
    "Check the source Luke"

    BTW this thread is full of tips. To be honest if you"hacked" yourself inn without help this task should be "easy"

    If you feel you are hitting brick wall and really don't know what to do than pm me, I will help.
  • Need a little nudge? Can help you! Inbox!

  • I found there are some stego stuff in 'gray matter' logo on the top-left of the index page.But run my worklist cannot stegocrack the image. Am i on the right road?

  • I have noticed (presumably) prebid.js on the site. I'd doesn't seem to be related to task so I'm wondering whether someone uploaded it there for malicious purposes. Any hints?

  • Completed it!
    A bit of patience and some common sense will take you far :)

    PM me if you need help

  • edited June 19

    Hi!
    I got the e-mails but I don't know what to do with them.
    I know there's a form to send a message but I don't get anything in the reply.

  • Hi guys, on this got to the point where i can use the emails but looking at the 'tool' I am not getting the expected result ? any pointers ?

  • Type your comment> @carr0t said:

    Hi!
    I got the e-mails but I don't know what to do with them.
    I know there's a form to send a message but I don't get anything in the reply.

    Make sure to try everyone.

Sign In to comment.