[WEB] Freelancer



  • I got the hash, but I don't know how to crack it. Can anyone help???

  • You don't need to crack the hash. There is other way to gain access. Use the map to find the treasure.


  • Is the 500 expected from contact me?
  • I really enjoyed this challenge. Everything has been already said, so just to repeat: read the source code.


  • edited May 2020

    Just got the flag. No need for dirb or cracking password. Just read the source. DM me if you need any help.

  • edited May 2020

    Hey everyone. I am stuck on finding what function to use in the tool, since I am kind of a noob in using it. Could someone DM me for a more in-depth hint?

    EDIT: Nevermind, apparently I was very unlucky and tried lots of incorrect values. Finally solved it :)

  • rooted! But I don't know how to find /admin page? should i update my wordlist?

  • edited May 2020

    i did solve it it takes me 4 h
    my hint:
    1.read the source code
    2.use that tool to steal some data(dont tink abute that hash nothing there well help you, you just want find that vulnerability)
    3.brute force directory "dirb" or gobuster
    4.what vulnerability you found in step 2 use that but you want more advance coomand

  • Need some help on how to obtain the mentioned hash data.

  • edited May 2020

    finally solved!

  • Nice challenge, like everyone says no cracking involved. I'm actually curious if anyone managed to get the flag by login into the admin account? If so PM me.

  • How can I find the admin panel any clues?

  • Type your comment> @jb7815 said:

    Managed to get the flag without any tools, really nice challenge.

    Can DM for hints but please tell me what you've already tried :)

    I tried using S***** and got username and password..Then what to do I don't understand..plz give some hints in PM

  • ngl, took me way longer than it should've taken. If you are using that tool (s*****), then you should consider using s***** -hh and read it, something there could help you.

  • Thank u very much for this challenge @IhsanSencan . I have learned a bit more

  • funny chall. pm me for some hints :smile:

  • That was pretty fun! The hardest part was to find the "path".
    Tip to the others:
    Yes you're probably using the right tool.
    Know WWW applications well.

  • Spoiler Removed

  • I definitely learned a lot trying to solve this as someone who's never used the tools suggested by this forum. I will say that the list I used w/ gobuster did not reveal the info I needed. I ended up finding my way there by looking at some hints in the source code of other files.

  • Easy challenge and fun, repetition is a nice. DM for nudges.

    Feel free to PM me, but please ask good questions: https://www.shorturl.at/fmAX6

  • fun challenge - hadnt been HTB'in it up in a bit so coming back and doin a web chall was needed.

    having read some of the hints i think i might have veered off the path that others took but still came to the same conclusion in the end, with a flag.

    one thing i didnt see was mention of an owasp tool to aid in finding the owasp top 10 - which is how i got to that point and then learned about [-hh] the tool functionality...

    • from there, just a matter of huntin and peckin with what you found in initial enum with tool and follow the rabbit to flagsvile ; )

    holler at me for hints and yell at me if i said too much

  • Done! As everyone has hinted already.

    • Read the source
    • Use the tool
    • Do the job
      and you will definitely learn something new. The challenge is easy itself. You just have to pay close attention to things. This won't need any password hash.

    And one last thing -hh for the tool. If still in doubt, feel free to PM me for a nudge :smiley:

    Life is a game where you only have one life

    --XLD (https://nmnx.org)

  • Thank you for challenge, it was good. But in real life i've never seen the "main" vulnerability of this challenge

  • A lot of wasted time due to the secondary login page directory not being in any raft style wordlist. Guess that's a lesson learnt. Fun challenge anyway.

  • So this was an interesting challenge for sure... No idea you could use this for that!!!! That's sooooo coooollll..... Props to the challenge creator... I learned a lot on this one.

  • Really fun challenge.

    All the hints are here - the most important of which are, "you don't need to crack anything", and "-hh can show you a way to get what you need".

  • it's easy to find the vulnerability , the hard part is to find where the Flag is, here is some hints :
    1) read the source
    2) find the vulnerability
    3) use dirb
    4) merge 2 and 3 and voila you got it

    if you stuck , feel free to PM me :smile:

  • Please i am a beginner here and i need help on solving this issue: Send a GET request to flag.php with two parameters num1 and num2 such that their sum is 1337.

  • You don't really need any "tools" other than a web browser for this challenge. If you've completed the htb academy module for this vulnerability (accessible with a free account) then you have everything you need. I definitely recommend solving this one without the software assist if your goal is to learn and understand.

  • I completed this challenge yesterday, yet I still feel very conflicted about how I feel about, more so than I do after most machines.

    1. Using common.txt from seclists for ffuf yielded more results than other available commonly used directory lists. I normally start with medium sized ones and then when I move onto larger ones. In this case I did the same, but even the larger lists still could not find the necessary path.

    2. This rabbit hole was a bit too deep for my liking, given the challenge rating. Backtracking and finding the vector was a breeze, but then realizing how meaningless the majority of it was in the end bothered me a little.

    3. Even after I discovered what I could do, finding the flag was not particularly straightforward to make the awarded challenge points be a faithful representation of the work required.


Sign In to comment.