Official Toxic Discussion

Official discussion thread for Toxic. Please do not post any spoilers or big hints.

1 Like

Great challenge!! Really useful to familiarized with common web vulnerabilities. Feel free to ask for a hint

hint please, first challenge :disappointed:

Can i also have a hint :frowning:

Lovely challenge! A bit different from common web vulnerabilities (especially with the added randomness), so the extra challenge was a good learning experience.

Type your comment> @Sirbot said:

Can i also have a hint :frowning:

@alketsh said:
hint please, first challenge :disappointed:

you have a source code :wink:

I want to say this is a pretty nice challenge especially the second part :wink:
pm me for nudge

did it after help from @7Rocky :smiley: :

Can someone can give me a hint on how to hadle the randomness ? I tried with bruteforcing it but wasn’t effective…

Type your comment> @TheEmix said:

Can someone can give me a hint on how to hadle the randomness ? I tried with bruteforcing it but wasn’t effective…

You need to upgrade your Low Floor Industrializer to a Really Cooperative Experience. The challenge name sort of relates to the technique. If it’s not toxic nor venomous, what could it be?

Nice hint :lol:

I went a bit too quick into the exercise without realizing that the name of the flag is NOT just /flag so don’t do the same mistake…

Can someone give me a hint? I am new at this.

Can someone explain to me what tr -dc ‘a-zA-Z0-9’ means? I know it might have nothing to do with solving the challenge, but I just want to understand.

@Eren said:
Can someone explain to me what tr -dc ‘a-zA-Z0-9’ means? I know it might have nothing to do with solving the challenge, but I just want to understand.

tr translates one set of characters to another set of characters. For example echo hackthebox | tr 'a-z' 'A-Z' would output HACKTHEBOX. The -d flag deletes a set of characters and the -c flag inverts the set so tr -dc 'a-zA-Z0-9' would delete any character that isn’t a letter or a number. For example echo 'h&ck+th3B%x' | tr -dc 'a-zA-Z0-9' would output hckth3Bx.

FWIW I didn’t need this to complete this challenge but it’s good one to know about. You can find out more with man tr.

1 Like

Type your comment> @ily said:

@Eren said:
Can someone explain to me what tr -dc ‘a-zA-Z0-9’ means? I know it might have nothing to do with solving the challenge, but I just want to understand.

tr translates one set of characters to another set of characters. For example echo hackthebox | tr 'a-z' 'A-Z' would output HACKTHEBOX. The -d flag deletes a set of characters and the -c flag inverts the set so tr -dc 'a-zA-Z0-9' would delete any character that isn’t a letter or a number. For example echo 'h&ck+th3B%x' | tr -dc 'a-zA-Z0-9' would output hckth3Bx.

FWIW I didn’t need this to complete this challenge but it’s good one to know about. You can find out more with man tr.

Thank you very much. I understand it.

.

Nice challenge! Also, @Fugl hint is gold!

Indeed, @Fugl post is a riddle in itself, at least for noobs like me, but after wasting hours in what turns out to be a dead end, it guided me towards the solution. Grade A comment.

hello, i know we need to upgrade our Low Floor Industrializer to a Really Cooperative Experience, but the cereal isnt working, any tips on how to make the cereal and uncereal work? i figured that i need to construct a suitable payload in the cookie :v