[JET] Fortress

Can someone help me on Overflown part?

Looking for nudges enlightening the dark of my extremely stuck thinking process → Command.

Type your comment> @Ric0 said:

Looking for nudges enlightening the dark of my extremely stuck thinking process → Command.

NVM. Thanks to @TazWake

Any nudge on Elasticity ? Port **00 is not responding. Is it related to ipv6 ? Thanks

Can anyone give me a nudge on Elasticity?

Hints :wink
Flag 1 : Just connect
Flag 2 :Dig the Flag
Flag 3 : Java scripts are Fun
Flag 4 : I hate injections
Flag 5 : Replace functions are helpful
Flag 6 : Simple Overflows
Flag 7 : XOR helps in encryption.

can anyone help me with digging in, I have tried all the possible options and never got anything as a lead

@joeldejo said:

can anyone help me with digging in, I have tried all the possible options and never got anything as a lead

You probably have the information you need, you just aren’t recognising it.

You have a domain name to visit.

Type your comment> @TazWake said:

@joeldejo said:

can anyone help me with digging in, I have tried all the possible options and never got anything as a lead

You probably have the information you need, you just aren’t recognizing it.

You have a domain name to visit.

I got the solution, now on bypassing authentication

@EvilT0r13 helped

I could use some help on the overflown flag?

can anyone help me with “digging in…”, i don’t know where to look,
I’m using dig tool but no luck so far :frowning:

Type your comment> @goffy12 said:

can anyone help me with “digging in…”, i don’t know where to look,
I’m using dig tool but no luck so far :frowning:

I’m blocked here too.
Read all comments in forum but nothing, i digged and even drilled…
If someone mind to help I would thanks so much

Edit: I already found the first website.jet, the problem is that it is unreachble and I don’t know what to do with it

Update:
solved, thanks for help

So, after getting the command flag the app becomes super unresponsive and I start to get constant 504s. Is that intended? Obviously my shell is a bit shaky, am I missing some sort of checkpoint to make getting back to that point easier/quicker? If my shell breaks, the entire webapp becomes unresponsive. Any points please PM! Thanks

@stoneric said:
So, after getting the command flag the app becomes super unresponsive and I start to get constant 504s. Is that intended? Obviously my shell is a bit shaky, am I missing some sort of checkpoint to make getting back to that point easier/quicker? If my shell breaks, the entire webapp becomes unresponsive. Any points please PM! Thanks

If the web app becomes unresponsive and you loose your shell, cURL the login page - you should find cURL gives you a response, whereas your browser will not. AFAIK, the exploit at this stage (even when successful) has the ability to break the session and anything tied to its cookie. Try removing the cookie from your browser storage or use incognito, login to the panel again (to get a new cookie) and re-try whatever you did. Should allow you to work around the 504’s, assuming you’re having the issue I had :slight_smile:

Stuck on the command flag…i know it has something to do with the email form and the cursewords (at least that is what i think)

3 days and no idea…

Anyone willing to lend a hand?

Can anyone help me in Overflown, I tried from last 4 days and 64bit is new for me, I am familiar with 32bit

edit: nvm got it digging

Type your comment> @AnonRyuk said:

Hints :wink

Flag 3 : Java scripts are Fun

I found that one, which lead to me where I found Flag 4, however still having issues finding Flag 3. Any nudges, PM maybe?

EDIT: nvm, didn’t follow the source

ola, just started on this today.
I can’t believe that I can’t even get connected :frowning:
I have found 2 ports where I can ****et to and it lets me some info out but thats about it. unsure on what to do there. little push will be appreciated.

Type your comment> @idevilkz said:

ola, just started on this today.
I can’t believe that I can’t even get connected :frowning:
I have found 2 ports where I can ****et to and it lets me some info out but thats about it. unsure on what to do there. little push will be appreciated.

Check the levels and start with the first one.
You’ll need to do at least 1-5 in order before you can do 6+.

As with most CTFs, the name of the challenge might give you a hint at where to look.