Last Active


  • Wow. I learned a lot about how jinja can be exploited. Should be marked as a hard challenge though. Trying not to spoil to give you some hints: * lots of info on google about typical jinja attack * bypass * what can you control when you're in the …
  • Well planned box, execution also great, however installing Visual Studio is never fun…. some of us don't have that much HDD space to keep a Win VM around for HTB :( My cryptic hints: Foothold: it's right in front of your eyes, expired doesn't mean …
  • the name of the challenge is a big hint everyone :) i suffered a couple of hours reading up on crypto until i stumbled on the attack that has to be done here
  • got user, didn't seem hard to me (and i'm no win expert). some cryptic nudges (hopefully not spoiling) user1 creds - simple enum on low port user2 creds - what would user1 do in real life for user2? this is a bit exotic but look at the services and …
  • what a great and entertaining box! learned a lot while having lots of fun. defo a hard one. took about 12-14 hours altogether for me with some small nudges. here are my cryptic clues: foothold: follow the message, use your new tech, read client tes…
    in Quick Comment by nemetha April 29
  • I have found creds probably for user - can someone please give me a nudge where I can use them?
    in Control Comment by nemetha November 2019

Howdy, Stranger!

Click here to create an account.