Official breaking grad Discussion

Official discussion thread for breaking grad. Please do not post any spoilers or big hints.

First Comment :smiley:

Any hints? I’m just able to get the “Pass” message.

Stuck on passed right now

Solved, nice challenge! If someone needs help, just PM me :smile:

also liked this challenge, thanks to the @makelarisjr and @makelaris for submitting.

@blackv0x45 said:

Any hints? I’m just able to get the “Pass” message.

Me too. Any help, please? Thanks.

Also was able to get the ‘Passed’ message.

Thinking of two different ways now to get the flag content:

  1. Trying to do a bash injection, with the error you get when you call /d****/r**
  2. Passing a JS-function to the isO**** function.

Am I on the right track?
Any nudge would be helpful

My IP got banned, am I on the right track?
Edit:
Looks like m****y l**k is a rabbit hole, still going at it.

Any hint for this one? I’m not able to figure out how to progress with it.
The /debug commands seem to be rabbit holes, so I’m trying to exploit deserialization into JSON.stringify.

I’m thinking that I wasn’t able to get the connection back due to local restrictions on my mobile internet connection; it seems that the iPhone is not routing from the shared connection to the computer for netcat commands.

If someone can confirm to me that this is the correct path it will be appreciated.

Thanks

Thanks authors, I really enjoyed this one! Simple hint for the others: “Inheritance is the key”.

I think overwriting the ***** property is the right way, but I don’t really get how to do it, since every time I try to change it, it ends up merging it as a simple property and not as *****.

@p4w16 said:

Solved, nice challenge! If someone needs help, just PM me :smile:

I’d love to receive some help, but HTB will not let me send messages until a certain rank is achieved. Could anyone drop the hints here, please?

“RangeError: Maximum call stack size exceeded” – is that what I am supposed to get?

Hi! Could anyone help me with this task? I have some progress here, but need some hint. Thanks a lot in advance.

Any hint? I think I know what part is exploitable, but I have no idea how. I’ve read a lot about safe Node.js code and I don’t see anything related to the tiny sample that’s in this challenge…

Finally rooted it.

1st, it’s not a very common vulnerability.
2nd, even knowing that vulnerability, there’s still a lot of work and experimentation locally before you can pull it off, as there are a few things that make the exploitation not straightforward.

For those two reasons I think it is fairly hard; at least, a Machine with that as the foothold would definitely not be ranked medium.

Finally rooted it!! I thoroughly enjoyed this challenge!!

I definitely learned something about a vulnerability that I didn’t know existed. I think this challenge is appropriately rated at Medium. Crafting the correct payload took longer for me than actually enumerating the instance, reading the source code, researching what I found, and learning about the vulnerability.

Tips:

  • You have the source code. Learn as much as you can about how the application works. Google what you don’t understand. It may lead you to the vulnerability.
  • Run the application in a local container and experiment with it to figure out what works and doesn’t work. I personally use p*****n for testing APIs.

As always, DM me if you need help or a nudge.

Pwn3d!!!

Worth solving it; however, it needed a lot of learning despite knowing a few vulnerabilities related to this one. If you have ever encountered the K***na service and read about its exploits, you’d be on the right track.

Things to consider:

  1. Reading source code: despite not being a pro coder, you can still understand a lot by reading.
  2. Ensure you are doing good research after information gathering (framework, programming language, etc.).

Once you find the right path everything will make sense.

A good challenge, and thanks to P4w16 for confirming the real exploit. It was very nice that I had to learn JavaScript a little bit.