really ez, thanks for the challenge
this is my first challenge and I don’t really understand what to do, can someone help me? thank you!
Hello! I’m stuck on this task. I’m not sure which SSTI to inject to get the flag. Can anyone push me in the right direction?
Type your comment> @pst said:
Hello! I’m stuck on this task. I’m not sure which SSTI to inject to get the flag. Can anyone push me in the right direction?
location.pathname
Hello guys could you please help me a little its my first time i read about ssti.
Ok, i found this ssti but i can’t find the flag i’m a newbee, so… how does a flag look like? Its like the invite code?
anyone?
@ymousanon10 said:
Ok, i found this ssti but i can’t find the flag i’m a newbee, so… how does a flag look like? Its like the invite code?
It will look something like HTB{…}
Type your comment> @4mby said:
@ymousanon10 said:
Ok, i found this ssti but i can’t find the flag i’m a newbee, so… how does a flag look like? Its like the invite code?It will look something like HTB{…}
Thx, my friend
Type your comment> @ymousanon10 said:
Type your comment> @4mby said:
@ymousanon10 said:
Ok, i found this ssti but i can’t find the flag i’m a newbee, so… how does a flag look like? Its like the invite code?It will look something like HTB{…}
Thx, my friend
and in this case it will be a text file (i.e. flag.txt
)
i hope i’m not spoiling anything
Can someone pass me a hint on this one? Im able to get all the classes, but not creating file class or accessing any file.
Type your comment> @malm said:
Can someone pass me a hint on this one? Im able to get all the classes, but not creating file class or accessing any file.
You can search for common s*ti payloads.
If any one want a tip, just DM me.
Type your comment> @malm said:
Can someone pass me a hint on this one? Im able to get all the classes, but not creating file class or accessing any file.
same with me…
got to list all the classes, but dont know what to do anymore,… where are the flag is located at?
just trying to learn new skills, any hint is greatly appreciated
Done, Nice Challenge,
Remind me with Baby ninja web challenge
I think i have located the flag.txt file but i cannot read it using read() function. Any help?
Spoiler Removed
Type your comment> @Unkn0wnUs3r123 said:
I think i have located the flag.txt file but i cannot read it using read() function. Any help?
maybe cat func will help u
managed to figure i needed to use ssti, but i’m stuck on what to inject, or if there is any other variable i should be using