Official Phonebook Discussion

I found s***** a** and still stuck, definitely may need a small hint :frowning:

Fun challenge, frustrating at the beginning because I misidentified what I was dealing with. Once I was pretty sure about what was going on, I just had to fight the snake for a bit and that was it :slight_smile:
Even though it’s true you only need the first page to get the flag, I actually used what I got in the second one to identify the thing running on the server. Google even the shortest words !

I was able to successfully log in. I’m able to search the phone book and get results back. But what’s next? Where’s the flag?

I found what the service is and I think I found a way to exploit it, but I can’t seem to get anywhere with it… Could someone DM me a hint, please?

It took me the whole day but at the end I made it :slight_smile: Easier than it looks

Finally got it, I was trying a really hard way to solve it, but it turns out, it’s quite simple.
DM me if you need a hint.

I found the technology and bypassed login. It was new for me. I suspect that flag is in some attr, maybe in uP**** for login user, but I tried blind method and direct method, but haven’t result :frowning:
Can anyone DM me with any hint, please?
Phew! Solved it. As was said: just dont overthinking it

I’m in the same situation as undefi stated in the previous comment. Would appreciate a DM with a hint.

Thanks for sBY11Ek to give me inspiration for problem solving. The question just solve in login page.?
If you feel confused, give me a DM then will tell you some hint.?

Hello!

I’d appreciate a hint - stuck at the first page.

Thanks in advance!

I was able to login and get the content of the whole phonebook. Can’t figure out what the exact query is to fetch the flag. Could someone give me a hint in DM please?

I got the phone book and can’t understand what to do now

stuck on the s***** page, can someone help me out with a pm?

Can someone DM me a hint. Found s***** , but 4**.

I’m still stuck at the login page. I understand that I have to figure out what’s going on behind what I see but I can’t arrive to a way to figure that out.

Nice challenge, I learned a new technique. If you have found second page, look what is going on in the back, you may want to search some characters in google. Feel free to DM me for nudge :smile:

@JinKin thanks for the hint. Knowing the backend and login page is enough.

Can someone give me a nudge, please? I’m stuck on the login page, I notice the xss but that’s it.

can someone give me a nudge pls

@vajkdry said:
Just think about what might be behind what you see, and think about how it works. This should be enough for this challenge!

can you give me a nudge pls