I Know Mag1k

How to enter (Find the easy pass) Reversing challenge flag to Submit HTB{password}

The b0x was super c00l. Never did something like this! Need a little nudge? I am open to help! Inbox. :slight_smile:

Can someone assist me with the tool. I am struggling to get it cracking.

@ActivateD inbox me if you’re still struggling

im stuck with ERROR: All of the responses were identical.
any help pls

please, can anyone help me on this:
ERROR: All of the responses were identical.

Double check the Block Size and try again.

Alrighty my bois! Trying out this cookie monster challenge lol

SO… I have busted the cookie using techniques demonstrated by ippsec in ‘lazy’ walkthrough.

Now trying to create create the admin cookie. After busting the cookie tho. I got some plaintext in the form of javascript… um wut??

I dont know how to use that javascript lol.

Pay attention to the number of encryption blocks!!! ;D

Last hint for everyone hehehe

Should I really be using plaintext?? XDD

Also… is the admin user ‘admin’?

hehe good luck all just solved this ■■■■ took me all god daum day stupid oracles…

@fl337 said:
Last hint for everyone hehehe

Should I really be using plaintext?? XDD

Also… is the admin user ‘admin’?

hehe good luck all just solved this ■■■■ took me all god daum day stupid oracles…

PlainText is necessary, or not?

Tried different users and roles in the encrypted cookie, but can’t inject it. What do i miss?

@drtychai said:
Just finished this chall. Feel free to PM me for a nudge.

I PM-ed you… quiet tho… :frowning:

my padbuster hangs in

INFO: Starting PadBuster Decrypt Mode
*** Starting Block 1 of 4 ***

INFO: No error string was provided…starting response analysis

do I have to wait hours for this to complete?

Hey guys, im stuck on this. Busted, trying to reencrypt, tried escaping, no luck. Please PM me whoever is available

@SYNDROME said:
my padbuster hangs in

INFO: Starting PadBuster Decrypt Mode
*** Starting Block 1 of 4 ***

INFO: No error string was provided…starting response analysis

do I have to wait hours for this to complete?

check ur commands

Hi guys, im stuck with the reencryption. Can someone give me a nudge?

Edit: Done with this challenge! It was so fun and it gives me a lot to think of! Thank you so much for the HTB team. Anyone who is having a difficulty, feel free to pm me

Thanks for the great support in this thread

I’m looking for help on this if anyone is available. I’ve completed another challenge I found elsewhere online for the same type of vulnerability without issue. I can’t get the tool I’m using to work consistently at all, it consistently fails after 10-15 minutes of working. Really time consuming.

I’d appreciate it if anyone could lend a hand =]


Update: I’ve figured it out. The tool has a setting that really messed with me. I thought I had tried manipulating them all, clearly not enough. Thank god PenTesterLabs has a similar challenge. I never would have figured it out otherwise.

Spoiler Removed - Arrexel

I’m so close on this one… can I pm someone to see if I’m on the correct path?