Hey everyone. I am stuck on finding what function to use in the tool, since I am kind of a noob in using it. Could someone DM me for a more in-depth hint?
EDIT: Nevermind, apparently I was very unlucky and tried lots of incorrect values. Finally solved it
i did solve it it takes me 4 h
my hint:
1.read the source code
2.use that tool to steal some data(dont tink abute that hash nothing there well help you, you just want find that vulnerability)
3.brute force directory “dirb” or gobuster
4.what vulnerability you found in step 2 use that but you want more advance coomand
Nice challenge, like everyone says no cracking involved. I’m actually curious if anyone managed to get the flag by login into the admin account? If so PM me.
ngl, took me way longer than it should’ve taken. If you are using that tool (s*****), then you should consider using s***** -hh and read it, something there could help you.
That was pretty fun! The hardest part was to find the “path”.
Tip to the others:
Yes you’re probably using the right tool.
Know WWW applications well.
Read.
I definitely learned a lot trying to solve this as someone who’s never used the tools suggested by this forum. I will say that the list I used w/ gobuster did not reveal the info I needed. I ended up finding my way there by looking at some hints in the source code of other files.
fun challenge - hadnt been HTB’in it up in a bit so coming back and doin a web chall was needed.
having read some of the hints i think i might have veered off the path that others took but still came to the same conclusion in the end, with a flag.
one thing i didnt see was mention of an owasp tool to aid in finding the owasp top 10 - which is how i got to that point and then learned about [-hh] the tool functionality…
from there, just a matter of huntin and peckin with what you found in initial enum with tool and follow the rabbit to flagsvile ; )
holler at me for hints and yell at me if i said too much
Do the job
and you will definitely learn something new. The challenge is easy itself. You just have to pay close attention to things. This won’t need any password hash.
And one last thing -hh for the tool. If still in doubt, feel free to PM me for a nudge
A lot of wasted time due to the secondary login page directory not being in any raft style wordlist. Guess that’s a lesson learnt. Fun challenge anyway.
So this was an interesting challenge for sure… No idea you could use this for that!!! That’s sooooo coooollll… Props to the challenge creator… I learned a lot on this one.