[WEB] ezpz

Hey everyone,
I’m a noob, but how should I have a stable connection with it?? I can’t connect to it.
Notice: I’ve tried S"L"i

Type your comment> @arg1 said:

FYI…support starting to look at this challenge…hopefully they can fix soon…

I hope so because I still can’t open it from my end too till now.

Support has tried a few changes, but so far it’s still not properly working…support ticket still open

Yay! Support fixed. Hope it stays up. Happy hacking all!

Type your comment> @Crafty said:

You can PM me guys but please tell me what you have tried so far.

I got through the first notice but i am unable to clear the second notice and I don’t know what to do with the hint provided. Help plz

okay this was crazy, its actually pretty easy, the only thing that confused me were all those errors and the waf, but when u pass through this it’s really straightforward, thanks for the box

Type your comment> @misofani said:

A small hint for the last step. You don’t really need the column.

How did u solve it without knowing the column? I had to first find out(and only then I managed to solve it), PM me if u can :slight_smile:

Type your comment> @vellichor said:

Type your comment> @misofani said:

A small hint for the last step. You don’t really need the column.

How did u solve it without knowing the column? I had to first find out(and only then I managed to solve it), PM me if u can :slight_smile:

Just solved it. Good challenge. I guess @misofani means the very “last step” doesn’t need you to know the column names.

Also a small hint. There are two ways to get table names:

  • (easy way) quote it in “mysql way”
  • (hard way) forget about information_schema, ask mysql instead.

Hope it’s not a spoiler.

Hi, I’m stuck on bypassing WAF, tried few things, anyone can help me?

You don’t have to send whole payload at once. Try different parts of it to check what WAF reacts to. After you notice CHARacteristics of the WAF consult Google on how to bypass it.

thanks, I will try that

I am currently struggeling in getting the data without knowing the column name.
I found a way which should work, at least it is working on a local database. But unfortunately this results in a too large request URI at the challenge.

Could need a nudge per PM on how to do the correct thing without knowing the column.

EDIT: I was just missing a character in my query which resulted in an error. Just double check your queries…

Thanks @Drxxx for the help! Great guy.

very interesting challenge… not so simple anyway

got it, feel free to PM me

Finally got the flag…! PM for any help…

Interesting challenge. Solved it using 2 different ways. If spoiler than remove it. You can using information_schema to solve this problem and then there is another place to look for. sqlmap didn’t help me much . I used union of burp and a local instance of mysqldb to solve this problem. Good learning.

can someone help me with notice 2? i cannt found parameter to solve that

I used to only do boxes… i discovered that those challenges are good for learning new techniques/tools… although the reward in points is very poor. :cold_sweat:

any hint to bypass the fire wall, i know firewall will block some special character and word but i have no idea to bypass that, can someone give me nudge?

Type your comment> @0xstain said:

any hint to bypass the fire wall, i know firewall will block some special character and word but i have no idea to bypass that, can someone give me nudge?

don’t use the forbidden characters and words. Find a way to achieve what you need without them.