I Know Mag1k

124

Comments

  • edited July 2018

    @crevettedragon said:

    @vitorgrohs said:

    @crevettedragon said:
    Hi,

    @InsOp said:
    i guess the plaintext parameter gets confused with all those quotation marks. i got slightly upset when i figured that out :anguished:

    Indeed I ran into the same issue and lost quite some time over something so trivial so I thought I could head over to the forum and help. Since this is my first post and I don't want to spoil anyone I'll try and formulate this in a way people that are not to this stage will not understand ( note to moderators: feel free to edit my comment otherwise ):

    Once you know what to forge and want to forge it you might use a command that takes as one of it's parameter a "textThatHasToPutInEncodedForm" (name voluntary modified not to be searchable too easily) . Some characters like " and , have to be escaped.
    For example if you want to pass the following:
    Hi,Iam{"Name"}
    You need to escape as :
    Hi\,Iam{\"Name\"}
    To test your escaped text just echo it in you bash.
    Hope it helped.

    Man, you really fucked my noob brain... but thats ok, lets move on. I stucked like almost everyone here and maybe my problem is this holy quotation marks. Is it like: {\"eua\":\"boss\"\,\"owner\":\"eua\"}?

    simple, echo it in your bash to test the escaping :
    echo {\"eua\":\"boss\"\,\"owner\":\"eua\"}?
    result:
    {"eua":"boss","owner":"eua"}

    when i put a question (?) after the echo i am getting that question mark back in my result
    what is my mistake?

  • @noman said:

    @crevettedragon said:

    @vitorgrohs said:

    @crevettedragon said:
    Hi,

    @InsOp said:
    i guess the plaintext parameter gets confused with all those quotation marks. i got slightly upset when i figured that out :anguished:

    Indeed I ran into the same issue and lost quite some time over something so trivial so I thought I could head over to the forum and help. Since this is my first post and I don't want to spoil anyone I'll try and formulate this in a way people that are not to this stage will not understand ( note to moderators: feel free to edit my comment otherwise ):

    Once you know what to forge and want to forge it you might use a command that takes as one of it's parameter a "textThatHasToPutInEncodedForm" (name voluntary modified not to be searchable too easily) . Some characters like " and , have to be escaped.
    For example if you want to pass the following:
    Hi,Iam{"Name"}
    You need to escape as :
    Hi\,Iam{\"Name\"}
    To test your escaped text just echo it in you bash.
    Hope it helped.

    Man, you really fucked my noob brain... but thats ok, lets move on. I stucked like almost everyone here and maybe my problem is this holy quotation marks. Is it like: {\"eua\":\"boss\"\,\"owner\":\"eua\"}?

    simple, echo it in your bash to test the escaping :
    echo {\"eua\":\"boss\"\,\"owner\":\"eua\"}?
    result:
    {"eua":"boss","owner":"eua"}

    when i put a question (?) after the echo i am getting that question mark back in my result
    what is my mistake?

    Remove the question mark? xD

  • How to enter (Find the easy pass) Reversing challenge flag to Submit HTB{password}

  • The b0x was super c00l. Never did something like this! Need a little nudge? I am open to help! Inbox. :)

  • Can someone assist me with the tool. I am struggling to get it cracking.

  • @ActivateD inbox me if you're still struggling

  • im stuck with ERROR: All of the responses were identical.
    any help pls

    Arrexel

  • please, can anyone help me on this:
    ERROR: All of the responses were identical.

    Double check the Block Size and try again.

  • Alrighty my bois! Trying out this cookie monster challenge lol

    SO... I have busted the cookie using techniques demonstrated by ippsec in 'lazy' walkthrough.

    Now trying to create create the admin cookie. After busting the cookie tho. I got some plaintext in the form of javascript... um wut??

    I dont know how to use that javascript lol.

  • Pay attention to the number of encryption blocks!!! ;D

  • Last hint for everyone hehehe

    Should I really be using plaintext?? XDD

    Also.... is the admin user 'admin'?

    hehe good luck all just solved this shit took me all god daum day stupid oracles...

  • @fl337 said:
    Last hint for everyone hehehe

    Should I really be using plaintext?? XDD

    Also.... is the admin user 'admin'?

    hehe good luck all just solved this shit took me all god daum day stupid oracles...

    PlainText is necessary, or not?

  • edited September 2018

    Tried different users and roles in the encrypted cookie, but can’t inject it. What do i miss?

  • @drtychai said:
    Just finished this chall. Feel free to PM me for a nudge.

    I PM-ed you.. quiet tho.. :(

  • my padbuster hangs in

    INFO: Starting PadBuster Decrypt Mode
    *** Starting Block 1 of 4 ***

    INFO: No error string was provided...starting response analysis

    do I have to wait hours for this to complete?

  • Hey guys, im stuck on this. Busted, trying to reencrypt, tried escaping, no luck. Please PM me whoever is available

  • @SYNDROME said:
    my padbuster hangs in

    INFO: Starting PadBuster Decrypt Mode
    *** Starting Block 1 of 4 ***

    INFO: No error string was provided...starting response analysis

    do I have to wait hours for this to complete?

    check ur commands

    sckull

  • envenv
    edited September 2018

    Hi guys, im stuck with the reencryption. Can someone give me a nudge?

    Edit: Done with this challenge! It was so fun and it gives me a lot to think of! Thank you so much for the HTB team. Anyone who is having a difficulty, feel free to pm me

  • edited September 2018

    Thanks for the great support in this thread

  • edited September 2018

    I'm looking for help on this if anyone is available. I've completed another challenge I found elsewhere online for the same type of vulnerability without issue. I can't get the tool I'm using to work consistently at all, it consistently fails after 10-15 minutes of working. Really time consuming.

    I'd appreciate it if anyone could lend a hand =]


    Update: I've figured it out. The tool has a setting that really messed with me. I thought I had tried manipulating them all, clearly not enough. Thank god PenTesterLabs has a similar challenge. I never would have figured it out otherwise.

  • edited September 2018

    Spoiler Removed - Arrexel

  • I'm so close on this one... can I pm someone to see if I'm on the correct path?

  • hey i'm trying to bust the cookie but when i use the tool i get the response
    "ERROR: All of the responses were identical.

    Double check the Block Size and try again."

    tried to use the full cookie but couldn't find way to make the syntax pass
    received thos ekind of errors
    "Encrypted Bytes must be evenly divisible by Block Size (8)
    Encrypted sample length is 1. Double check the Encoding and Block Size."
    someone can please hint me to the right way?

  • i am getting this while decrypt cookies

    ERROR: All of the responses were identical

    some one help me

  • @mehadilemon said:
    i am getting this while decrypt cookies

    ERROR: All of the responses were identical

    some one help me

    Probably using the wrong php page.

    Deleite

  • @SYNDROME said:
    my padbuster hangs in

    INFO: Starting PadBuster Decrypt Mode
    *** Starting Block 1 of 4 ***

    INFO: No error string was provided...starting response analysis

    do I have to wait hours for this to complete?

    On my i7 laptop took over 30 min.

    Deleite

  • @artikrh said:

    @jamesgreen said:
    I need some help please. I have decypted the thing that needs to be decrypted. and got back {"user":"XXX","role":"XXX"} then when I recrypt that value and inject it . it doesn't work. I have tried different user account types and roles. what am I missing?

    Are you using the same encoding technique when encrypting?

    I am also wondering why we need to add back slashes. If decoding produced the values it did, why can't we just edit those and re-encode with the -plaintext option? PM if you don't want to spoil, but I want to learn here and figure out what this accomplishes.

    Thanks!

    publicist

  • Hi guys ,
    For months now i’ve struggled on this challenge . The main issue is i’ve encrypted the cookie to something that related to the admin page , fired burp so i can send the request but i got a massive roadblock . I seem to be redirected back to the user page , please can one of you amazing hackers help a bro out 😎

    Much Appreciated :)
  • @bkmstar, i have solved it. i can provide some guidance if needed. dm me.

    to others that solved it without hints, how did you know what direction to take and tool to use. i would be interested in hearing your approach. thanks

  • @likwidsec said:

    @beginner2010 said:
    All hints can be found here:) Just read all posts and you will get flag for sure:)

    What this guy means is "All spoilers can be found here - read all the posts and you will have the answer handed to you and not learn a single thing from this challenge"

    Fixed that for ya.

    I know this is an old comment, but literally see you on every thread crying about spoilers. LOL cry more

Sign In to comment.