I Know Mag1k

@SYNDROME said:
my padbuster hangs in

INFO: Starting PadBuster Decrypt Mode
*** Starting Block 1 of 4 ***

INFO: No error string was provided…starting response analysis

do I have to wait hours for this to complete?

Check your commands.

Hi guys, I’m stuck with the re-encryption. Can someone give me a nudge?

Edit: Done with this challenge! It was so fun and it gives me a lot to think about! Thank you so much to the HTB team. Anyone who is having difficulty, feel free to PM me.

Thanks for the great support in this thread.

I’m looking for help on this if anyone is available. I’ve completed another challenge I found elsewhere online for the same type of vulnerability without issue. I can’t get the tool I’m using to work consistently at all; it consistently fails after 10-15 minutes of working. Really time consuming.

I’d appreciate it if anyone could lend a hand =]


Update: I’ve figured it out. The tool has a setting that really messed with me. I thought I had tried manipulating them all, clearly not enough. Thank god PenTesterLabs has a similar challenge. I never would have figured it out otherwise.

Spoiler Removed - Arrexel

I’m so close on this one… can I PM someone to see if I’m on the correct path?

Hey, I’m trying to bust the cookie, but when I use the tool I get the response
"ERROR: All of the responses were identical.

Double check the Block Size and try again."

I tried to use the full cookie but couldn’t find a way to make the syntax pass.
I received these kinds of errors:
“Encrypted Bytes must be evenly divisible by Block Size (8)
Encrypted sample length is 1. Double check the Encoding and Block Size.”
Can someone please hint me toward the right way?

I am getting this while decrypting cookies

ERROR: All of the responses were identical

Someone help me

@mehadilemon said:
I am getting this while decrypting cookies

ERROR: All of the responses were identical

Someone help me

Probably using the wrong PHP page.

@SYNDROME said:
my padbuster hangs in

INFO: Starting PadBuster Decrypt Mode
*** Starting Block 1 of 4 ***

INFO: No error string was provided…starting response analysis

do I have to wait hours for this to complete?

On my i7 laptop it took over 30 min.

@artikrh said:

@jamesgreen said:
I need some help please. I have decrypted the thing that needs to be decrypted and got back {"user":"XXX","role":"XXX"}. Then when I re-encrypt that value and inject it, it doesn’t work. I have tried different user account types and roles. What am I missing?

Are you using the same encoding technique when encrypting?

I am also wondering why we need to add backslashes. If decoding produced the values it did, why can’t we just edit those and re-encode with the -plaintext option? PM if you don’t want to spoil, but I want to learn here and figure out what this accomplishes.

Thanks!

Hi guys,
For months now I’ve struggled on this challenge. The main issue is I’ve encrypted the cookie to something related to the admin page and fired up Burp so I can send the request, but I got a massive roadblock. I seem to be redirected back to the user page. Please, can one of you amazing hackers help a bro out?

Much appreciated

@bkmstar, I have solved it. I can provide some guidance if needed. DM me.

To others that solved it without hints: how did you know what direction to take and which tool to use? I would be interested in hearing your approach. Thanks.

@likwidsec said:

@beginner2010 said:
All hints can be found here:) Just read all posts and you will get flag for sure:)

What this guy means is “All spoilers can be found here - read all the posts and you will have the answer handed to you and not learn a single thing from this challenge”

Fixed that for ya.

I know this is an old comment, but I literally see you on every thread crying about spoilers. LOL cry more

I solved this challenge fack fack fack
A hint … the same tool to find the vulnerability, test the exploit, apply the exploit

Resolved

Hey… have any of you noticed this challenge awarding only 5 points? I’m a bit confused since it said 50 points at the HTB web portal… Maybe I just don’t understand how points work…

EDIT: Never mind… I read how it works hehe

Thanks a lot to @quas, he helped me in the last step to get the flag.

Can someone help with encrypting the payload, please?

what follows the next ! mark had me stuck for days… ! ’ Hope it helps.