PlayerTwo

Authenticated on 2FA, just got a page with lots of GIF images… will search for more I guess…

@kichung

playing with 2FA service, always got missing parameter error. Is this guessing task or I am missing something?

Sometimes the message is not telling the truth! RTFM on t**p payloads

Type your comment> @xtonousou said:

@kichung

playing with 2FA service, always got missing parameter error. Is this guessing task or I am missing something?

Sometimes the message is not telling the truth! RTFM on t**p payloads

You’re right. Just got it. Choosing data representation is a key.

and now stuck on P******.*** file… any hints for that one? my tools are not recognizing it

@farbs said:
Yeah, I’m with you @AcroTiger. The t**** docs gave me nothing to go off of. I understand exactly what everyone is referring to, and I understand how I am intended to communicate with it, but without a valid endpoint, how am I ever supposed to know where to start?

I’ve tried fuzzing for valid endpoints as well by response codes, and that was filtered and therefore useless.

Could use a nudge – been stuck at t**** since release.

Read why we use that service (probably you may aware of). It really needed a specific definition file to either route or communicate. Good Luck :slight_smile:

Spoiler Removed

Is there a way to identify developer/name of this t**p? I am struggling to find correct documentation.
EDIT: so no docs found… But blindly searching for attacks for that kind of service helped.

can any one give me a hint ?

i am stuck at the starting image

Type your comment> @Mandarzx said:

i am stuck at the starting image

enumerates the world

Stuck on the file we can download. Do I need to find anything else to be able to create my payload? Did the ‘walk’ and and I think I know what I’ll need to do but missing a crucial piece of information to do it.

Type your comment> @idomino said:

Stuck on the file we can download. Do I need to find anything else to be able to create my payload? Did the ‘walk’ and and I think I know what I’ll need to do but missing a crucial piece of information to do it.

You can actually achieve RCE with … a herring! «dramatic music stab»

Or, perhaps, with tarball you just happen to find lying around somewhere. Maybe take a break, decompress. Just a little redecoration in a way, not a renovation. No need to do anything that would require inspection.

@idomino said:
Stuck on the file we can download. Do I need to find anything else to be able to create my payload? Did the ‘walk’ and and I think I know what I’ll need to do but missing a crucial piece of information to do it.

A documentation from where you downloaded it gonna definitely help you to understand how it looks like and what you can do with it. Good Luck :slight_smile:

Type your comment> @idomino said:

Stuck on the file we can download. Do I need to find anything else to be able to create my payload? Did the ‘walk’ and and I think I know what I’ll need to do but missing a crucial piece of information to do it.

Same here, little clue would be nice. Thanks
Docs read couple of times, but if we add something, than it will not be as equal, and it will be rejected.

Type your comment> @BigBoss said:

Type your comment> @idomino said:

Stuck on the file we can download. Do I need to find anything else to be able to create my payload? Did the ‘walk’ and and I think I know what I’ll need to do but missing a crucial piece of information to do it.

Same here, little clue would be nice. Thanks
Docs read couple of times, but if we add something, than it will not be as equal, and it will be rejected.

I got 2 things that might be related to what was written in the documentation. But do not know how to implement it.

I don’t know if I’m on the right track, I have RCE. But I have not signed anything. The fact is that I do not get shell, just code execution :frowning: Anyone in the same situation?

@CyberVaca said:
I don’t know if I’m on the right track, I have RCE. But I have not signed anything. The fact is that I do not get shell, just code execution :frowning: Anyone in the same situation?

been there. you should be able to get from RCE to a shell.
PM if you need some hints

Type your comment> @CyberVaca said:

I don’t know if I’m on the right track, I have RCE. But I have not signed anything. The fact is that I do not get shell, just code execution :frowning: Anyone in the same situation?

How could you get it without signing?

I tried using netcat and I get the connection but the user -e / bin / bash does nothing … it is very rare. As for the signature, I have a trick that I used with other firmwares. I don’t want to do spoilers.

Ok, I already got shell without signing anything. Thank you.