> Found the vuln - but not the flag yet. Everything I read is junk
You can test your exploit on your local machine. It is easier to develop the exploit local because you can use all tools you want to view the running program.…
> @g4br0h4ck3r said:
> Any hints? what to looking for?
You don't need a mobile. There exists public tools to inspect the file on a "normal" computer. If you have managed to see "into" the file, you need anymore special …
I gone the same short way to the flag. It was a Python coding exercise.
More difficult for me was to understand why this way works. I have taken the flag text and searched the web. You learn why the script works sometimes and sometimes not.
> @kaixeb said:
> I have tried disassembling and decompiling the racecar file, looked through all the strings, ..
racecar is a challenge in the section Pwn. It is not in the section Reversing.
A zip file to download and an instance to r…
I must confirm that there is no ⓘ behind the text "POINTS" on the beta UI of the profile. I did not find any description of the formulas in the beta GUI.
I am used to the old GUI. The profile on the classic GUI looks quite different and s…
On our profile page just below the number of points is written "points (i)".
You can click on the "(i)" and read your point breakdown. There are some formulas. Your points per challenge are in the calculation included Additional…
In an "Interactive Section with Target" of the academy. You have to spawn (start) your docker target before. Then you get the IP number and the port number of the docker container with your target, in this question the target is the databa…
The Operator Precedence of MySQL could be the answer.
SELECT * FROM logins WHERE username='foo' OR '1'='1' AND password='bar'
Insert brackets to show the operator precedence:
SELECT * FROM logins WHERE username='foo' OR ('1'='1' AND p…
Hey, in step 6 you write an address. Are you sure this address is correct? I suppose, the top of stack address in step 1 could be different. E.g. command line arguments and environment variables are pushed onto the stack during program initializati…
I found the credentials with b*****k and a simple search tool. For the login I used the t****t program but other simple network connection tools are also possible. The b*****k was the only non-standard tool is used.
locate does not search on the file system. locate search in a database prepared by the tool updatedb.
The tool find could be used to search for files in the file system.
See the documentation displayed by man locate and man find.