Need Help with HDC web challange

hey all :slight_smile:
i am trying to solve the HDC web challange
i have found the credentials to access to HDC panel but then i didn’t found any email to send to get the flag as it was mentioned in the description any hint ??

I’m the opposite of you. I have all the emails, but didn’t get into the interface yet. My hint to you is enum and look at the source-code of any page you might find along the way :smiley:

Can you spare a hint on how to get into the interface, pure bruteforce or is there something else?

thnx for ur help
your hint is also mine LOL
try to look at all the source code of any pages and files
note: you have to know what you are searching for (this is the best hint)

but me i did searched all the sources for emails and found nothing …

You both have all of the information you need.

likwidsec
give us a hint ?? :slight_smile:

Try using the interface to send emails to the addresses you know.

me i dont have the emails

look into the source code of all panes, and you’ll notice something very very interesting :B

@puerkito66 said:
look into the source code of all panes, and you’ll notice something very very interesting :B

i have visted evry page even the JS files but nothing there i tryed searching emails / mail / @ and nothing

@Tw4vesX said:

@puerkito66 said:
look into the source code of all panes, and you’ll notice something very very interesting :B

i have visted evry page even the JS files but nothing there i tryed searching emails / mail / @ and nothing

Most likely you didn’t find the interested page, because if so, you would find the emails almost instantaneously.

Did you use some tools yet?

no i didn’t use any tools i have done everything manually and i succefully got into the panel but without the emails

i succefully got into the panel but without username password. please tell how to get flag.

are you sure, without password ? new way ? else if I remember that chall, check url.

Need some help here too. Got into the panel, review the “core” information and came up with a “semi-flag” that starts with “p0” I just can’t seem to find the email address even after reviewing all the “core” code. PM me if you can point me in the right direction

@Tw4vesX said:
i have visted evry page even the JS files but nothing there i tryed searching emails / mail / @ and nothing

check again the source code of ALL, and also check the paths where the pages are saved.

This challenge was pretty dumb imo, look at the big files you’d normally skip over, search for a few common terms, especially related to the slightly weird markup on the page.

i have got email and got access of cpanal. how i go further for flag

@hard said:
i have got email and got access of cpanal. how i go further for flag

Look at the description of the challenge .__.’

very interesting one. loved it… cracked it just today.