I have requested POST to create a new account successful.
I am trying to exploit Si in r***er function but I stuck here.
Am I on a right way? Somebody give me a hints?
Type your comment> @vnv said:
I have requested POST to create a new account successful.
You don’t need a new account. Just look to existing. How do you do a POST request?
Type your comment> @Difrex said:
Type your comment> @vnv said:
I have requested POST to create a new account successful.
You don’t need a new account. Just look to existing. How do you do a POST request?
@Difrex said:
Type your comment> @vnv said:I have requested POST to create a new account successful.
You don’t need a new account. Just look to existing. How do you do a POST request?
I exploit s#i via request /a*i/w*****r
I’m also stuck.Server stops for some reason when content type is changed. Any hint?
I am stuck at /a**/w****r
Tried to brute force on /ln could not get anything there.
Can anyone please guide me in the right direction?
Thanks
[update-1]
I tried to read the code dump and found something interested with /rr POST request.
I am still stuck at bypassing certain check, tried all X******r header, anyone nudge in the correct direction please.
Finally, get the flag :))! I was on the right way. great challenge!
@vnv said:
I have requested POST to create a new account successful.
I am trying to exploit Si in r***er function but I stuck here.
Am I on a right way? Somebody give me a hints?
found the reason. good luck to everyone and more correct thoughts
can somebody pls give me a hint how is it possible to make a post
?
Can do the POST
but fight to combine all things so that they work - it would be nice if someone could give me a nudge for this
nvm?♂️ - done
read through the code. think i know what to do with /r******r but its not working. Am i missing something?
I finished… I think the challenge should be worth more than 30 points. Anyway, It’s a great one and I learned quite a bit. Thanks!
Can anyone please DM me any nudge? I’m stuck on the by**** and have successfully exploited the rest.
I have the weirdest issue. My payload works on my local Docker but not with the HTB online server.
I tracked it down to a console.log debug message i added to check out what’s going on. With it, it works. Without it, it doesn’t.
hui that thing brings me to my limit…
After a lot of Days, I can now bypass the localhost check.
But now I do not find what to do, because only one query is allowed.
I would be very grateful for a little hint
I have stuck and I don’t know what to do next. Can someone DM me with a bunch of hints ?
Finally got it! A nice challenge, learned a lot.
I’d not rate this as easy though, simply due to the many small things you need to do. But it might just be me who still have a lot to learn
DM me for hint (write what you’ve tried)
Code analysis proves that manipulating registration should give a flag, but I can’t find the correct poison. ***Am I on the right path??
Brute-forcing isn’t practical since encryption is way strong
should I just root the remote box to get the flag??
I am able to bypass localhost check, but the server always gives me parsing error. Can someone DM me for a hint?
Update: Done (check correct Content-Type)
I can’t find how to bypass localhost check, any hint?
–