I read all your posts and I am having hard time to solve this CTF because I am also new to CTFs. The thing is that I tried Fuzzer and dirb in any possible way including changing the parameters (e.g. /panel.php?FUZZER=FUZZER or FUZZER.php?) but still dont work. Can someone either PM me to just tell me what I am doing wrong I dont want the solution straight ahead but just tell me what I am doing wrong. Thank you
Could someone point me in the right direction? Tried bruteforcing user, sql inject. Fuzzed the urls and found panel.php, but it is a direct redirect. Tried to fuzz any parameters in the form of FUZZ=FUZZ but also did not succeed, now I am stuck.
Still stuck on this, I got the username/password but after fuzzing the ■■■■ out of the url, I still can’t find the keyword to use to go somewhere other than HOME.
@meni0n said:
Still stuck on this, I got the username/password but after fuzzing the ■■■■ out of the url, I still can’t find the keyword to use to go somewhere other than HOME.
You will punch yourself in the face once you figure it out. N30C0UNT nailed it.
@N30C0UNT said:
Your overthinking it. The answer is simple, but insanely frustrating. Think about what you are looking for on the box. Try going there.