How to stop triggering the block filter?

While replying messages on HTB forums, I very frequently run into an error which disallows me from posting. It's a page that contains:

OMG! You got r00t!

No, I'm just kidding :)

You have been blocked because you are trying to do something... 

I would like to know what the conditions are for triggering this, because I'm so sick and tired of typing a long response to people and then being unable to post it for whatever reason. I am not trying to do anything funny.

Thanks.

Comments

  • I think the HTB site is fronted by some sort of WAF, and whatever you are typing is triggering a rule. I ran into a similar issue when I was trying to post a writeup, and I was constantly getting the error message. It ended up being because I had ../../boo t.ini somewhere in the text.

    Looking for past Hack the Box write-ups or other security stuff? Feel free to visit: https://dastinia.io <3

  • yeah boring to paste code here

    peek

  • Yeah I keep getting this when trying to send a message to another member about helping them with priv esc (not for a particular machine just in general), not sure if its just that member or messaging all in all

    allahackbar

  • edited August 2018

    I just came here looking for a thread like this, hoping for a solution.

    It happens any time a message has anything that looks like a filesystem path in it. It's super annoying and doesn't make much sense, considering the nature of the site.

    Just a few minutes ago, I was trying to help someone with a challenge and had to put my message in a private pastebin and then link that to them, rather than just hitting Send.

    It's a little ridiculous.

    opt1kz

  • I triggered this yesterday whilst trying to help someone with a hint. I was adding server paths in code blocks which it didn't seem to like.

  • edited October 2018

    I am having the same issue, whether it is in code or not, slashes and dots seem to trigger it for me, even when I copy paste the exact same content back to people that were able to send it to me. I have started just base64 encoding everything I PM.

  • Anything that looks vaguely like it could possibly be code injection seems to trigger it. For situations like this, I compose my comments in a text editor and then cut and paste.

    LegendarySpork

    LegendarySpork

Sign In to comment.