Oouch

I see a possible vuln, but the WAF does not seem to like my attempts at all…

Type your comment> @Maddzie said:

obviously^

bruh lol I can’t…

“Internal Server Error” bruh

Authorized everywhere, cant seem to pass the code 500 Server error :confused:

Type your comment> @bertalting said:

Authorized everywhere, cant seem to pass the code 500 Server error :confused:

Me too…

I see a possible vuln, but the WAF does not seem to like my attempts at all…

Got a response… Now trying to get something useful…

get middleware tokens but dont know what to do with it

any one following the hackerone article ?

Type your comment> @bertalting said:

any one following the hackerone article ?

Don’t know which one… Mind sharing?

Type your comment> @Chr0x6eOs said:

Type your comment> @bertalting said:

(Quote)
Don’t know which one… Mind sharing?

PB mate

The obvious vuln in /c*****t seems to be a rabbit hole…

Type your comment> @Chr0x6eOs said:

The obvious vuln in /c*****t seems to be a rabbit hole…

Who knows :wink:

Type your comment> @bertalting said:

Type your comment> @Chr0x6eOs said:

The obvious vuln in /c*****t seems to be a rabbit hole…

Who knows :wink:

Yeah seems like it may lead to something… :slight_smile:

user finally fell!

Type your comment> @0x41 said:

user finally fell!

some hints? :smiley: :smiley:

user fell, but not to me ?
ask @haqpl, i’m still struggling with o**** rn

Type your comment> @0x41 said:

user fell, but not to me ?
ask @haqpl, i’m still struggling with o**** rn

Yeah me too. I have some ideas on what to do, but none of them work. :sweat_smile:

any help?? :smiley: :smiley: :smiley:

Did anyone figure out the applications part?
Does it require bruteforce?

I have have some connection back from playing with c******.p*. But I can’t find a way to turn it into lfi. Someone got some success to share following this path?

Or into anything else! :wink: