Oouch

Type your comment> @bertalting said:

any one following the hackerone article ?

Don’t know which one… Mind sharing?

Type your comment> @Chr0x6eOs said:

Type your comment> @bertalting said:

(Quote)
Don’t know which one… Mind sharing?

PB mate

The obvious vuln in /c*****t seems to be a rabbit hole…

Type your comment> @Chr0x6eOs said:

The obvious vuln in /c*****t seems to be a rabbit hole…

Who knows :wink:

Type your comment> @bertalting said:

Type your comment> @Chr0x6eOs said:

The obvious vuln in /c*****t seems to be a rabbit hole…

Who knows :wink:

Yeah seems like it may lead to something… :slight_smile:

user finally fell!

Type your comment> @0x41 said:

user finally fell!

some hints? :smiley: :smiley:

user fell, but not to me ?
ask @haqpl, i’m still struggling with o**** rn

Type your comment> @0x41 said:

user fell, but not to me ?
ask @haqpl, i’m still struggling with o**** rn

Yeah me too. I have some ideas on what to do, but none of them work. :sweat_smile:

any help?? :smiley: :smiley: :smiley:

Did anyone figure out the applications part?
Does it require bruteforce?

I have have some connection back from playing with c******.p*. But I can’t find a way to turn it into lfi. Someone got some success to share following this path?

Or into anything else! :wink:

Well, tricked the admin into doing what I want. Which gives me… ???

check documents after getting admin)

…charming machine!

Struggling to get my account connected from the hidden link ?

Type your comment> @cyberafro said:

Struggling to get my account connected from the hidden link ?

Yeah me too…

Ouch, when I tried to register this morning I only got internal server errors and assumed it’s on purpose. Wasted a few hours, restarted the box and now I could register :facepalm:

Type your comment> @idomino said:

Ouch, when I tried to register this morning I only got internal server errors and assumed it’s on purpose. Wasted a few hours, restarted the box and now I could register :facepalm:

Yeah 500s occur regularly… Just refresh a couple of times and they are gone…

Owned user, this is an incredible box so far. Has really taught me something, everything makes sense, very little guesswork.