Hello everyone! I am stuck at D******** S********* M***********. I figured out that it is susceptible to S***. I am having a hard time creating an efficient payload that would bypass potential filters. I would be grateful for some hints, because I am missing something for sure.
The results of your payload are “displayed” on a different page entirely.
I’ve got access to DSM by updating my h___s file. I’m testing out sending messages but I’m not sure if I need to exploit S__I or X__? Is anyone able to send me a nudge in the right direction? Bit of a noob
Edit: Got successful X__ injection on a____ page… what am I missing?
Landed a shell. My advice: img src r**e sl
rooted. User was relatively easy, root is also not too challenging with a bit of google for that pesky one that blocked you at the start.
Rooted, feel free to PM me if you’re stuck but please be sure to say what you’ve done so far and get ready for ambiguous hints.
As for nudges:
Foothold - Sometimes things can appear different when we look at them from a different direction.
User - You have something that can help you look someplace. Anything weird there?
Root - sometimes it’s good to get back to basics and to start off with a clean slate.
Definitely not an easy box, but big fun and learned a lot.
As often, user is the harder part, root is very well documented, just use what already exists. For User and Root: enumerate, enumerate, enumerate very carefully
I was able to get to the login page but I don’t understand why it worked and really want to know before moving on. I’d appreciate if someone could PM me about that
It depends what you mean about why it worked.
I suspect your question is down to how HTTP works and the way the hosts header works.
Hi, thanks everyone for the hints.
I managed to get user & root.
Foothold : very interesting way of injection
User : enumerate… there is one thing you have access to…
Root : pretty simple
Beginner here working on foothold. I’ve managed to upload a test script and track down the output. I assume I need to use n* to launch a s**** but I have no idea how to figure out what payload to use or how to format it. Any good sources to learn this?
You don’t need n*. There is a site which covers payloads for all things. Find it and have a look. One of them works really well here.