Official Cereal Discussion

WHY??

HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=2592000
WWW-Authenticate: Bearer error="invalid_token", error_description="The token has no expiration"
X-Rate-Limit-Limit: 5m
X-Rate-Limit-Remaining: 0
X-Rate-Limit-Reset: 2020-11-27T15:06:50.5099306Z
X-Powered-By: Sugar
Date: Fri, 27 Nov 2020 15:03:46 GMT
Connection: close
Content-Length: 0

I have generated the valid token, where I can choose the food

Look at your error:
The token has no expiration

Type your comment> @ryarnyah said:

Look at your error:
The token has no expiration

yes I’ve seen but I don’t know how to set a date

ok

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=2592000
X-Rate-Limit-Limit: 5m
X-Rate-Limit-Remaining: 5
X-Rate-Limit-Reset: 2020-11-27T16:06:53.4910732Z
X-Powered-By: Sugar
Date: Fri, 27 Nov 2020 16:01:53 GMT
Connection: close
Content-Length: 43

{"message":"Great cereal request!","id":17}

Type your comment> @ryarnyah said:

Look at your error:
The token has no expiration

you have PM

Is there anyone who can give some hint (no spoiler please). I’m stuck for so long with S & Restri** to trigger my payload?

Generated a valid token and stuck at the GET part. Hints anyone?

Type your comment> @luca76 said:

WHY??

HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=2592000
WWW-Authenticate: Bearer error="invalid_token", error_description="The token has no expiration"
X-Rate-Limit-Limit: 5m
X-Rate-Limit-Remaining: 0
X-Rate-Limit-Reset: 2020-11-27T15:06:50.5099306Z
X-Powered-By: Sugar
Date: Fri, 27 Nov 2020 15:03:46 GMT
Connection: close
Content-Length: 0

because when you read the source code there is a whitelisting of IP.

Got user… i’m a ■■■■…

guys can anyone help me to root? PM me

Could anyone give a hint on ip restrictions?

Even with a bypass for the ip restriction I still hit a 403. I must be missing something.

Can I message someone for a hint?

Can i get any hints i am stuck at building a valid token.

Stuck on 403s - any help would be greatly appreciated in DM.

@luca76 said:

guys can anyone help me to root? PM me

PM if you want, i’ll help on root.

Type your comment> @Caracal said:

@luca76 said:

guys can anyone help me to root? PM me

PM if you want, i’ll help on root.

thanks Bro, you have a PM :wink:

Anyone have hints for 403 Forbidden

So, I’m pretty sure I know what to do. I can create cereals, but when I try to list or get them, the request simply times out (after I managed to get around the 403).
Anyone an idea what I might be doing wrong, here?

EDIT(h says):
Seems like I forgot a newline. But now I can’t get around the 403 (even though I added the respective (plus some more) headers) :confused: