Nothing at all worked for me, now I’m stuck and my brain is blocked with this, so I can’t think clearly about it or focus on what I’m missing while I’m dealing with this frustration…
I was in the same place as you, until I read your comment. Indeed, it’s difficult to talk about it without spoiling.
You do have all the things required. Update what you need then perform a different action on the other panel that you mentioned.
Also, thanks for the unintended nudge
Thanks for your answer, happy to hear I’ve helped in any way hehehehe even if it wasn’t my original intention
Not sure if I understand what you say… do you mean that there is some kind of race condition, where timing is relevant to success?
I have read the thread twice already, still don’t have any clue how to get the admin user for the webapp. Any nuggets would be highly appreciated.
Same here. Trying to find some php code that implements signup form or a blog post that deals with similar issues. No luck so far. I guess I need to trick the code into setting a role field to admin role during signup by leveraging the fact that the email field has a char limit, at least that’s what I extracted so far from all the nudges here.
EDIT: Got pushed into the right direction. Got it.
Oh gosh, finally got user on BOOK. Awesome foothold, very tricky, especially with everyone overwriting one another’s.
But after that I was able to get something else. Thanks to the guys who pointed me to what attack I need to focus on to achieve my goal.
Guys, I’m stuck at the admin part. I have found the admin login page and the admin email ID, but I’m unable to log in. I tried many things like SQLi and brute-forcing but nothing works. Can anyone give me any nudges? I’ve really been stuck here for 2 hours.
Feel free to message me
If you view the source you can see there are some client side restrictions. These may indicate that the backend is badly configured and you can bypass a check it makes.
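The two points above (a signup form whose only limits live in the browser, and an email column with a length cap) come up together often enough that it is worth seeing what the server-side check looks like. The following is an added example, not code from the thread or from the box; the column width, the regex and the sample inputs are all assumptions made up for the illustration. The idea is that the backend rejects anything its storage could not keep verbatim, instead of trusting the client-side restrictions or silently trimming the value, and that the role is always fixed by the server rather than taken from the request.

```python
"""Server-side signup validation (added example, not from the original thread).

Assumes a fixed-width email column of MAX_EMAIL_LEN bytes and a simple
email regex; both are constructed for this example, not taken from any
real application.
"""
import re

# Assumed width of the users.email column (constructed value).
MAX_EMAIL_LEN = 32

# Deliberately simple syntax check; real deployments usually validate more.
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def check_signup_email(raw: str, existing: set) -> tuple:
    """Return (ok, detail).

    On success detail is the canonical (lower-cased) email to store; on
    failure it is the reason. The check does not rely on the browser's
    maxlength or pattern attributes: every rule is re-applied here.
    """
    # Surrounding whitespace is rejected rather than stripped, so two
    # submissions can never collapse into the same stored value.
    if raw != raw.strip():
        return False, "leading or trailing whitespace"
    # Compare bytes, not characters, against the column width and refuse
    # anything that would not fit; never let the database trim it.
    if len(raw.encode("utf-8")) > MAX_EMAIL_LEN:
        return False, "too long for storage"
    if not EMAIL_RE.fullmatch(raw):
        return False, "malformed address"
    canonical = raw.lower()
    if canonical in existing:
        return False, "already registered"
    return True, canonical


def build_user_record(form: dict, existing: set) -> dict:
    """Build the row to insert from an untrusted form dict.

    The role is assigned here and never read from the request, so extra
    form fields such as role=admin have no effect.
    """
    ok, detail = check_signup_email(form.get("email", ""), existing)
    if not ok:
        raise ValueError(detail)
    return {"email": detail, "role": "user"}


if __name__ == "__main__":
    registered = {"admin@example.test"}           # constructed sample
    print(check_signup_email("Alice@Example.test", registered))
    print(check_signup_email("a" * 30 + "@x.io", registered))
    print(build_user_record({"email": "bob@example.test", "role": "admin"}, registered))
```

On MySQL-backed applications the same class of problem is also caught at the database layer by running with a strict SQL mode (for example `STRICT_TRANS_TABLES`), which turns an over-length insert into an error instead of a silent truncation; the application-level check above is still the one that gives the user a sensible error message.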
Finally got root on the box, but this was a real struggle for me from start to end
@MrR3boot thank you for box, it was very educational!
Mega thanks to @TazWake for helping and for the patience with me. The help and pointers you gave were great; they gave me the right direction but still left me to do my own research and find the correct solution. (/bow)
To people who are struggling and/or kind of dropping (seen some comments): don’t be afraid to ask for help | take a breather and then come back with a fresh look (this worked for me too) | don’t be discouraged by comments like “ohh this is an easy box”, etc. Don’t forget that everyone has different experience and skill levels; you are here to learn, so just ignore it and do what you can do, do research, etc. Everyone started somewhere.
It looks like I need some hints for user here. I’ve got access to the admin panel and see the connection between that and a u****d function in the user panel.
I’ve read a few writeups on exploiting this and got the box to “call back” to me. However, I have little success in getting it to reveal more, even after trying variations of that technique. Nudges are definitely welcome!