@CANC3RMAN said:
Can this challenge be completed with only using burpsuite?
No
@CANC3RMAN said:
Can this challenge be completed with only using burpsuite?
No
@drtychai can you help me?
@takuma said:
@CANC3RMAN said:
Can this challenge be completed with only using burpsuite?No
I didnāt use Burp.
can anyone please help me with this problem
could someone help?
@crevettedragon said:
@vitorgrohs said:
@crevettedragon said:
Hi,@InsOp said:
i guess the plaintext parameter gets confused with all those quotation marks. i got slightly upset when i figured that outIndeed I ran into the same issue and lost quite some time over something so trivial so I thought I could head over to the forum and help. Since this is my first post and I donāt want to spoil anyone Iāll try and formulate this in a way people that are not to this stage will not understand ( note to moderators: feel free to edit my comment otherwise ):
Once you know what to forge and want to forge it you might use a command that takes as one of itās parameter a ātextThatHasToPutInEncodedFormā (name voluntary modified not to be searchable too easily) . Some characters like " and , have to be escaped.
For example if you want to pass the following:
Hi,Iam{āNameā}
You need to escape as :
Hi,Iam{"Name"}
To test your escaped text just echo it in you bash.
Hope it helped.Man, you really fucked my noob brainā¦ but thats ok, lets move on. I stucked like almost everyone here and maybe my problem is this holy quotation marks. Is it like: {"eua":"boss","owner":"eua"}?
simple, echo it in your bash to test the escaping :
echo {\"eua\":\"boss\"\,\"owner\":\"eua\"}?
result:
{"eua":"boss","owner":"eua"}
when i put a question (?) after the echo i am getting that question mark back in my result
what is my mistake?
@noman said:
@crevettedragon said:
@vitorgrohs said:
@crevettedragon said:
Hi,@InsOp said:
i guess the plaintext parameter gets confused with all those quotation marks. i got slightly upset when i figured that outIndeed I ran into the same issue and lost quite some time over something so trivial so I thought I could head over to the forum and help. Since this is my first post and I donāt want to spoil anyone Iāll try and formulate this in a way people that are not to this stage will not understand ( note to moderators: feel free to edit my comment otherwise ):
Once you know what to forge and want to forge it you might use a command that takes as one of itās parameter a ātextThatHasToPutInEncodedFormā (name voluntary modified not to be searchable too easily) . Some characters like " and , have to be escaped.
For example if you want to pass the following:
Hi,Iam{āNameā}
You need to escape as :
Hi,Iam{"Name"}
To test your escaped text just echo it in you bash.
Hope it helped.Man, you really fucked my noob brainā¦ but thats ok, lets move on. I stucked like almost everyone here and maybe my problem is this holy quotation marks. Is it like: {"eua":"boss","owner":"eua"}?
simple, echo it in your bash to test the escaping :
echo {\"eua\":\"boss\"\,\"owner\":\"eua\"}?
result:
{"eua":"boss","owner":"eua"}
when i put a question (?) after the echo i am getting that question mark back in my result
what is my mistake?
Remove the question mark? xD
How to enter (Find the easy pass) Reversing challenge flag to Submit HTB{password}
The b0x was super c00l. Never did something like this! Need a little nudge? I am open to help! Inbox.
Can someone assist me with the tool. I am struggling to get it cracking.
im stuck with ERROR: All of the responses were identical.
any help pls
please, can anyone help me on this:
ERROR: All of the responses were identical.
Double check the Block Size and try again.
Alrighty my bois! Trying out this cookie monster challenge lol
SOā¦ I have busted the cookie using techniques demonstrated by ippsec in ālazyā walkthrough.
Now trying to create create the admin cookie. After busting the cookie tho. I got some plaintext in the form of javascriptā¦ um wut??
I dont know how to use that javascript lol.
Pay attention to the number of encryption blocks!!! ;D
Last hint for everyone hehehe
Should I really be using plaintext?? XDD
Alsoā¦ is the admin user āadminā?
hehe good luck all just solved this ā ā ā ā took me all god daum day stupid oraclesā¦
@fl337 said:
Last hint for everyone heheheShould I really be using plaintext?? XDD
Alsoā¦ is the admin user āadminā?
hehe good luck all just solved this ā ā ā ā took me all god daum day stupid oraclesā¦
PlainText is necessary, or not?
Tried different users and roles in the encrypted cookie, but canāt inject it. What do i miss?
@drtychai said:
Just finished this chall. Feel free to PM me for a nudge.
I PM-ed youā¦ quiet thoā¦
my padbuster hangs in
INFO: Starting PadBuster Decrypt Mode
*** Starting Block 1 of 4 ***
INFO: No error string was providedā¦starting response analysis
do I have to wait hours for this to complete?