@H4FN said:
Type your comment> @TazWake said:
@H4FN said:
I did all my research and all looks like i need to do something with Mem-----d but all is going to a DDos and UDP spoofing
There are lots of ways to attack that service rather than use ExploitDB to find a vuln. In this instance you aren’t attacking it, you are using it.
It really is just a part of the attack here - you need to give it something it is looking for so everything else can work.
There are other parts of the files which are much, much more important.
I tried a lot of tools but nothing could hit the port, I will wait for a writeup to understand where I was stuck and learn next steps ! I tried but I´m new on CTF challenges and this was my first Hard CTF !! .
As alway thanks brother for all the support I learned new things with this box with only tw0 days
Ok - it wont be long now anyway.
In a nutshell, if you read the code its possible to identify a way to inject stuff which can make a request on your behalf. With some effort this can be used to bypass a control and send data to a system which opens the door to further exploitation.
It is one of the hardest footholds I’ve seen in a long time.