Official Phonebook Discussion

I was able to login and get the content of the whole phonebook. Can't figure out what the exact query is to fetch the flag. Could someone give me a hint in DM please?

I got the phone book and can't understand what to do now.

Stuck on the s***** page, can someone help me out with a PM?

Can someone DM me a hint? Found s*****, but 4**.

I'm still stuck at the login page. I understand that I have to figure out what's going on behind what I see but I can't arrive to a way to figure that out.

Nice challenge, I learned a new technique. If you have found the second page, look at what is going on in the back; you may want to search some characters in Google. Feel free to DM me for a nudge :smile:

@JinKin thanks for the hint. Knowing the backend and login page is enough.

Can someone give me a nudge, please? I'm stuck on the login page, I notice the XSS but that's it.

Can someone give me a nudge pls?

@vajkdry said:
Just think about what might be behind what you see, and think about how it works. This should be enough for this challenge!

Can you give me a nudge pls?

I'm entirely stuck on this one. Anyone available to chat?

Hi. I'm all stuck too. Anyone that I can DM? Thanks.

Hey, I just passed login page and got the whole phonebook, but I can't retrieve the flag from it, any hints?

@bander said:

Hey, I just passed login page and got the whole phonebook, but I can't retrieve the flag from it, any hints?

Can you DM me how you passed the login page?

@scr1pti3 said:

@bander said:

Hey, I just passed login page and got the whole phonebook, but I can't retrieve the flag from it, any hints?

Can you DM me how you passed the login page?

Hint: Just Focus Special Characters

@bander said:

@scr1pti3 said:

@bander said:

Hey, I just passed login page and got the whole phonebook, but I can't retrieve the flag from it, any hints?

Can you DM me how you passed the login page?

Hint: Just Focus Special Characters

I managed to bypass the login… But I don't get why. Why do those special characters work? Can you DM me an explanation?

Finally got it. I wouldn't say it's easy.
Feel free to DM for nudges.

Thanks, HTB and to the creator.

Can someone help me with the login page? I know I have to use XSS to bypass it, but I don't know much about XSS, so any help would be great.

@crownslay said:

Can someone help me with the login page? I know I have to use XSS to bypass it, but I don't know much about XSS, so any help would be great.

It's not related to XSS.

@scr1pti3 said:

I managed to bypass the login… But I don't get why. Why do those special characters work? Can you DM me an explanation?

Read about l**p