xtal

About

Username
xtal
Joined
Visits
264
Last Active
Roles
Member

Comments

  • @htbuser01 said: > Found the vuln - but not the flag yet. Everything I read is junk You can test your exploit on your local machine. It is easier to develop the exploit local because you can use all tools you want to view the running program.…
  • > @htbuser01 said: > Any nudges on this? One possible way is to check all function calls: file open, input, output, allocation, and so on.
  • > @g4br0h4ck3r said: > Any hints? what to looking for? You don't need a mobile. There exists public tools to inspect the file on a "normal" computer. If you have managed to see "into" the file, you need anymore special …
  • I gone the same short way to the flag. It was a Python coding exercise. More difficult for me was to understand why this way works. I have taken the flag text and searched the web. You learn why the script works sometimes and sometimes not.
  • > @kaixeb said: > I have tried disassembling and decompiling the racecar file, looked through all the strings, .. racecar is a challenge in the section Pwn. It is not in the section Reversing. A zip file to download and an instance to r…
  • @mysteriousP Read carefully the otp... generation and understand all steps of the generation. Fukurou and indirect maple3142 gives already very good hints.
  • @shad0w0lf Distinguish carefully between your knowledge and your assumptions.
  • I must confirm that there is no ⓘ behind the text "POINTS" on the beta UI of the profile. I did not find any description of the formulas in the beta GUI. I am used to the old GUI. The profile on the classic GUI looks quite different and s…
  • On our profile page just below the number of points is written "points (i)". You can click on the "(i)" and read your point breakdown. There are some formulas. Your points per challenge are in the calculation included Additional…
  • In an "Interactive Section with Target" of the academy. You have to spawn (start) your docker target before. Then you get the IP number and the port number of the docker container with your target, in this question the target is the databa…
  • In many challenges, the text provides very useful help and the words are good guide sign. Now and then, you must not believe every statement.
  • The Operator Precedence of MySQL could be the answer. First case SELECT * FROM logins WHERE username='foo' OR '1'='1' AND password='bar' Insert brackets to show the operator precedence: SELECT * FROM logins WHERE username='foo' OR ('1'='1' AND p…
    in SQL Inyection Comment by xtal May 2
  • Hey, in step 6 you write an address. Are you sure this address is correct? I suppose, the top of stack address in step 1 could be different. E.g. command line arguments and environment variables are pushed onto the stack during program initializati…
  • Type your comment> @henkhenkzoon said: (Quote) Go back to your first comment: The image file is one part. The other part of the challenge is the login.
  • I found the credentials with b*****k and a simple search tool. For the login I used the t****t program but other simple network connection tools are also possible. The b*****k was the only non-standard tool is used.
  • Like many other challenges the output will contain "HTB{....}". You don't need to add "HTB{" and "}". If you can't read "HTB" in the output your must try harder.
  • locate does not search on the file system. locate search in a database prepared by the tool updatedb. The tool find could be used to search for files in the file system. See the documentation displayed by man locate and man find.
  • @p00dl3 said: (Quote) My result: a really "broken decryptor".
  • The text to the challenge gave me two helpful hints to solve it.
Avatar

Howdy, Stranger!

Click here to create an account.