TearOrDear - have I gone down the rabbit hole?

Hi all,
So I'm a newbie and did the EasyPass challenge with no problems, I'm now doing the TearOrDear challenge and have start reconstructing all of the various functions in the code (I can code so understand what's happening), mapping various array calls to produce strings, etc. but I can't find a result that works. I'm now wondering if I've gone too far down the rabbit hole and am missing something more obvious?

Just worried as I did the same thing with the Registration code because CURL wasn't working for me so I thought it was a red herring, I ended up doing a tonne of vulnerability scans, SQL Injection, etc. before just trying CURL again (and it worked!).

I definitely don't want an answer - just confirmation of if I'm overthinking this one!! :-)

Thanks!

Bob

Comments

  • Seems like you're doing way too much work for what is actually required to solve it in the end.

  • @poe said:
    Hi all,
    So I'm a newbie and did the EasyPass challenge with no problems, I'm now doing the TearOrDear challenge and have start reconstructing all of the various functions in the code (I can code so understand what's happening), mapping various array calls to produce strings, etc. but I can't find a result that works. I'm now wondering if I've gone too far down the rabbit hole and am missing something more obvious?

    Just worried as I did the same thing with the Registration code because CURL wasn't working for me so I thought it was a red herring, I ended up doing a tonne of vulnerability scans, SQL Injection, etc. before just trying CURL again (and it worked!).

    I definitely don't want an answer - just confirmation of if I'm overthinking this one!! :-)

    Thanks!

    Bob

    Try search on youtube

  • as a hint, try to search for a specific tool for debuggin this type of codes, and see how the variables change throughout the program :) (this last one is a feature of the tool)
    good luck

    Hack The Box

  • Hi all,
    Thanks for the hints - in the end I actually recreated the application :-)
    Poe

Sign In to comment.