Official Phonebook Discussion

Hi. I’m all stuck too. Anyone that I can DM ? Thanks.

Hey, I just passed login page and got the whole phonebook, but i can’t retrieve the flag from it, any hints?

Type your comment> @bander said:

Hey, I just passed login page and got the whole phonebook, but i can’t retrieve the flag from it, any hints?

can you dm me how you passed the login page?

Type your comment> @scr1pti3 said:

Type your comment> @bander said:

Hey, I just passed login page and got the whole phonebook, but i can’t retrieve the flag from it, any hints?

can you dm me how you passed the login page?

Hint: Just Focus Special Characters

Type your comment> @bander said:

Type your comment> @scr1pti3 said:

Type your comment> @bander said:

Hey, I just passed login page and got the whole phonebook, but i can’t retrieve the flag from it, any hints?

can you dm me how you passed the login page?

Hint: Just Focus Special Characters

I managed to bypass the login… But I don’t get why. why does that special characters work, can you dm me an explanation.

Finally got it. I wouldn’t say it’s easy.
Feel free to DM for nudges.

Thanks, HTB and to the creator.

can someone help me with the login page i know i have to use xss to bypass it. But i dont know much about xss. so any help would be great

Type your comment> @crownslay said:

can someone help me with the login page i know i have to use xss to bypass it. But i dont know much about xss. so any help would be great

it’s not related with XSS

@scr1pti3 said:

I managed to bypass the login… But I don’t get why. why does that special characters work, can you dm me an explanation.

Read about l**p

Hi,I’m new on the plateforme, can someone help me to understand where i have to look for this challenge please :smile:

Hi can anyone help me? All day in this challenge and nothing y dont have anything except x** in main page. I made multiple common attacks but nothing.

Pd. I speak english and spanis

Help, please give some hint.

Type your comment> @LaxusSlayer said:

Hi can anyone help me? All day in this challenge and nothing y dont have anything except x** in main page. I made multiple common attacks but nothing.

Pd. I speak english and spanis

i don’t know if it can help you but have you find the second page ?

done
nice one!

Looking for hints im stuck step bro

Finally pwend. Take me a lot of time due a didn’t know the main topics about this challenge. I think they have much what is commonly called dissociative controls in information security. Each control (for mean it a way ) took me two or four hours. I think that overthink, but Its worthy because learn a lot of topics a new concepts and upgrade my arsenal.

Type your comment> @bander said:

@scr1pti3 said:

I managed to bypass the login… But I don’t get why. why does that special characters work, can you dm me an explanation.

Read about l**p

Hola mate, could you give me a hint what that short stands for, having trouble to understand the reason behind that special marks.

Hi,

Completely stuck with this one.

I have a loginpage and a seccond page. And the same pages in a different directory.

at the end point of the X request I keep getting a forbidden. Already played with the headers etc. But unfortunately nothing at all. Is a successful login a must or is the bypass sufficient?

I would like to receive a tip in the right direction. The tips already given are confusing rather than enlightening

the whole challenge is related only with first page, just try to bypass login page by injection and try to guess the password

I need help. I am stuck at the login page

Can someone DM me instructions? I am new at this