mpouzol
December 27, 2020, 9:45am
114
Type your comment> @LaxusSlayer said:
Hi can anyone help me? All day in this challenge and nothing y dont have anything except x** in main page. I made multiple common attacks but nothing.
Pd. I speak english and spanis
i don’t know if it can help you but have you find the second page ?
Tomiko
December 27, 2020, 1:41pm
116
Looking for hints im stuck step bro
Finally pwend. Take me a lot of time due a didn’t know the main topics about this challenge. I think they have much what is commonly called dissociative controls in information security. Each control (for mean it a way ) took me two or four hours. I think that overthink, but Its worthy because learn a lot of topics a new concepts and upgrade my arsenal.
Guarana
December 29, 2020, 6:56am
118
Type your comment> @bander said:
@scr1pti3 said:
I managed to bypass the login… But I don’t get why. why does that special characters work, can you dm me an explanation.
Read about l**p
Hola mate, could you give me a hint what that short stands for, having trouble to understand the reason behind that special marks.
mrZapp
December 29, 2020, 10:18am
119
Hi,
Completely stuck with this one.
I have a loginpage and a seccond page. And the same pages in a different directory.
at the end point of the X request I keep getting a forbidden. Already played with the headers etc. But unfortunately nothing at all. Is a successful login a must or is the bypass sufficient?
I would like to receive a tip in the right direction. The tips already given are confusing rather than enlightening
bander
December 29, 2020, 2:25pm
120
the whole challenge is related only with first page, just try to bypass login page by injection and try to guess the password
I need help. I am stuck at the login page
Can someone DM me instructions? I am new at this
Error EOF in pag s*****
help
Got past the log in page. No idea what to do next…any help?
bander
December 30, 2020, 7:08pm
124
Type your comment> @rancilio said:
Got past the log in page. No idea what to do next…any help?
check how did you pass the login then try to guess username and password
Will brutefore or xss will help in this
i have found another page with a search field but it shows nothing
TazWake
January 1, 2021, 4:42pm
129
@annomy said:
try this out
This challenge is still active. It is a breach of HTB’s Terms of Use to publish walkthroughs of active challenges/boxes.
I was able to query the phonebook, but I’m a little stumped on what the next step is here?
Type your comment> @davissp14 said:
I was able to query the phonebook, but I’m a little stumped on what the next step is here?
As am i. It’d be a lot easier to have an end goal of where i might find the flag… Is the page after login relevant at all?
mrZapp
January 8, 2021, 8:18am
132
Type your comment> @Mattigins said:
Type your comment> @davissp14 said:
I was able to query the phonebook, but I’m a little stumped on what the next step is here?
As am i. It’d be a lot easier to have an end goal of where i might find the flag… Is the page after login relevant at all?
Nope,
Can be useful for verifying a user, but not really.
See what you have and what you can do with it. Maybe a little scripting can help you further
someone dm some hint first page give me nothing second return 4xx