Patents

Does this “error” suppose to take u somewhere or just bad file format?

dirb is outputting a lot of things! could be rabbit hole or not!

Type your comment> @vu1ns0c said:

Does this “error” suppose to take u somewhere or just bad file format?

Also getting a JVM error, could be a rabbit hole…

docx2pdf? I think some Win thingy is taking place. Solar

This box is a very chonky boy.

![So-very-slow](upload://3uX260agX7LHnFqC2DsnThmedIh.gif "old-tech-was-used-on-this-box-i-think.It-should-be-fun!")

The first vuln seems almost too obvious, but I can’t come up with a working proof in spite of all I’ve read about related exploits. Feels like I’ve read too much in one sitting and lost focus.

Does anyone have a lead on some good study material?

@t4nt said:

The first vuln seems almost too obvious, but I can’t come up with a working proof in spite of all I’ve read about related exploits. Feels like I’ve read too much in one sitting and lost focus.

Does anyone have a lead on some good study material?

I am in an identical position I think. I’ve tried a few things which I thought would work but so far, nothing.

It’s a bit frustrating because I can’t tell if it is my own incompetence or if the approach is wrong :smile:

Still, onwards and upwards, once more unto the breach (etc).

3 hours and no blood. Somethings going on here

Tough box.

I am assuming there should be a vulnerability with the upload feature. Am I right? or nobody knows yet?

@TheNerd said:

I am assuming there should be a vulnerability with the upload feature. Am I right? or nobody knows yet?

I suspect, “no one knows yet” is the correct answer.

This box seems crazy hard so far. Nearly 6 hours and one blood. Barely found anything myself

I am suspecting the way to this box is through the upload function and I think it’s vulnerable to XXE.

Some errors I got mentioned there is an issue with libreoffice, but I am not sure if this is the way to the box.

Type your comment> @D8ll0 said:

I am suspecting the way to this box is through the upload function and I think it’s vulnerable to XXE.

Some errors I got mentioned there is an issue with libreoffice, but I am not sure if this is the way to the box.

These are my thoughts too. Perhaps mimicking the service locally will be beneficial…?

looks like ssrf in upload

I found a technique on mitre website that has to do with Microsoft’s Open Office XML.

maybe

Found a way to force patent to download something from my webserver. Now it’s about exploiting it :slight_smile:

There is a php version of the visible html page. I think it is the way in considering the comments in it.

6 users till now ? lol im gonna skip dis