I Know Mag1k

1235»

Comments

  • edited November 2018

    i solve this challenge fack fack fack :-) ...
    an hint ... the same tool for find vulnerability, test the exploit, apply exploit

  • edited December 2018

    Resolved

  • edited December 2018

    Hey.. any of you noticed this challenge awarding only 5 points ? I'm a bit confused since it said 50 points at the htb web portal... Maybe i just don't understand how points work.. :/

    EDIT: Nevermind.... I read how it works hehe

  • Thank you a lot for @quas , he helped me in the last step to get the flag.

  • Can someone help with encrypting the payload please

  • what follows the next ! mark had me stuck for days... ! ' Hope it helps.

  • edited December 2018

    I solved my problem;

  • edited January 7

    I hope it is not spoiler> Somebody else getting this?
    [+] Success: (16/256) [Byte 8]
    [+] Success: (51/256) [Byte 7]
    ERROR: 500 Can't connect to docker.hackthebox.eu:37344 (Connection refused)
    Retrying in 10 seconds...

    EDIT: It was mobile net issue. 500 are gone on stable net

  • edited January 21

    Sup everybody, I have decrypted the thing and all of that, but when I encrypt it back it doesn't work. I tried pretty much every combination. Any help would be appreciated... I'm really struggling with this. Thanks !

    EDIT: Nvm, I got it

  • Syntax and correct escaping are crucial. Hours lost because of that.

    epsequiel

  • Spoiler Removed

  • I am a sophomore student who is new to hacking. I completed HDC with only a slight nudge back on the right track, but for this I am clueless as to where I even start or where my goal is. Can anyone provide me with some resources where I can learn the tools I need for this challenge. I do not need hints, I want to learn how to do this but I don't know what I need to learn.

  • Type your comment> @Volkyz said:

    Sup everybody, I have decrypted the thing and all of that, but when I encrypt it back it doesn't work. I tried pretty much every combination. Any help would be appreciated... I'm really struggling with this. Thanks !

    EDIT: Nvm, I got it

    What program did you use for decrypting?

  • Hi, I'm stuck... I'm a beginner here and I need some help... tried some stuff with Burpsuite, tried SQL injection but it doesn't work.. can anyone help me?

    Thanks!!

  • I could use some help on how to approach the challenge, i've tried a bunch of stuff but anything seem to work, i'm starting to get frustrated

  • Type your comment> @PAH said:

    I could use some help on how to approach the challenge, i've tried a bunch of stuff but anything seem to work, i'm starting to get frustrated

    Same, I had an idea... but yeah, it probably won't work.. I thought you have to bruteforce the PHPSESSID cookie, so just the PHP session. This is maybe possible just through the browser with some own JavaScript. Changing the cookie, sending a GET request to the profile.php page and saying: if the response isn't the login page (that's what you get if your cookie is invalid), log it to the console or something like that.

    But yeah.. I don't know exactly how secure the session is... but I think it's pretty secure... I heard that it was in an earlier version of PHP 160 bits... so it'll take forever to bruteforce it.. and it may be more secure right now... so it won't work.. somebody ideas?

  • Hello ! I m new and i m trying to do this challenge but i m stuck . Could someone give me a hint ?

  • i ve decrypted the cookie and modified it ,but it doesn t work .(I tried a lot of different settings but still no succes), can someone please tell me what i m doing wrong

    Thanks

  • This was a very interesting challenge. I didn't know this kind of attack was possible and so easy (with the right tools of course).

    Thanks all for the hints that are posted in this topic. Without it I wouldn't have found out where to start looking. Once you know what the vulnerability is and you know what tool you can use, it becomes relatively straight forward.
    I am still interested to see how this attack could be done via BurpSuite. Could someone point me into the right direction?

  • Hi,

    when im using p**b**** then it always tells me "Argument isnt numeric in modulus

    Does anyone has had this problem too?

  • Got stuck and Don't know where to start

  • edited March 13
    figured it out
  • Im still lost, can anyone msg me with some help. I understand that a cookie must be busted and I have some program to do that. I don't understand how it all works and if there is something I need to do before hand.

  • Can someone provide a hint, please?

  • edited June 8

    Type your comment> @fl337 said:

    Last hint for everyone hehehe

    Should I really be using plaintext?? XDD

    Also.... is the admin user 'admin'?

    hehe good luck all just solved this shit took me all god daum day stupid oracles...

    not sure if this was supposed to help or confused - it was the latter for me :-(.

    Managed to crack it, lots of helpful tips in this threat. Thank you all.

    PM if need help/guidance.

    EDIT: if that helps there is a recipe for "Escape String" in CyberChef :-)

  • I had a ton of fun with this one. Some hints:

    -BUSTER, you better get some PAD thai for lunch
    -Then youll have a SUITE of gaseous emissions out of your mouth; excuse your belches.
    -Try hard, and be patient because running the first hint can take awhile.

    PM me if you need further help :3

  • edited June 21

    Hi!
    I'm stuck at the point where I have to decrypt the cookie.
    I use the p*b tool but I can't hit the syntax.

    Heeeeeeeeeeeeelppppp

  • edited September 3

    Hi,
    I'm stuck with this... I use p**b****r, i decrypt things but i can encrypt... I add the "plaintext" admin blabla but it's always encrypt 2 blocks and no 4.. Someone can help ?

Sign In to comment.