[FORTRESS] Context

c4rl3tt0 · June 14, 2021, 2:25pm

Type your comment> @idevilkz said:

stuck on ZIP file if anyone has any nudge ?

check the code inside the zip, you will spot the vulnerability

Jaquarh · July 13, 2021, 11:38pm

Stuck on flag 5, can anyone give me a nudge? After establishing foothold, I feel as if I’ve extorted all attempts of enum and can’t find anything to get to flag 5.

Can we please vote a reset, there is so much garbage in the C directory that I question if its been removed

Jaquarh · July 16, 2021, 11:33pm

Can anyone give a nudge on flag 5? Can’t seem to do anything after finding karls creds

grav3m1ndbyte · July 30, 2021, 10:20pm

I started this Fortress months ago, and got stuck on Flag 5 and the zip file. Been reviewing it and can’t seem to find something concrete. Could someone PM me with a nudge?

Icyb3r · August 6, 2021, 10:33am

I have done this fortress yesterday, and it is really amazing. 6th and 7th flags , take much time for me to know they correct attack vector for each.

Anyway, its really worthy to spend time on it.

KarimReda · August 29, 2021, 8:43am

hi, i am stuck in the 6th flag i have mssql creds and entered mssqlserver but i have an error when i use this query to get the flag: select content from [WEB\CLIENTS].clients.sys.assembly_files where name like ‘%clientsbackup.dll%’ but i got the following error: dsp_desc_bind: Memory allocation failure for column #1 NOTE: i used sqsh cli to connect to mssql server anyone help me please!

tmeir · September 13, 2021, 7:33pm

Am I suppose to get the flags in order? Because I got the first and second flags and then got “nt authority\system” and the last flag…

Nimoo · September 16, 2021, 8:05am

Give me any nudge for fourth flag of context… PM me on discord my discord - Nimoo#9980

tmz001 · September 22, 2021, 12:57pm

any nudge for 4th flag?

tmz001 · September 22, 2021, 12:58pm

.

maikroservice · November 6, 2021, 10:45am

click around in the UI that you find/found - click on every button

maikroservice · November 6, 2021, 4:13pm

Any hints for Flag 5? I have the username for mssql but brute-force did not work - did I miss something?

socialkas · January 21, 2022, 3:34pm

Hello there everyone.

After completing this Fortress, here are some pointers for those who are still struggling:

There’s the intended way and, of course, the faster and boring unintended one.
The SQL-i does not need to take ages to complete if you know what to do (you do not even need s****p for that).
No reversing needed, at least I wouldn’t call it that.

Good luck!

cyberic · March 6, 2022, 5:49pm

Hey can anyone nudge me for the “Have we met before?” flag? Not sure what I’m missing. I’ve logged in as the user to their email and looked around and can’t find anything. I see emails from other pentesters so tried requesting a reset but no dice.

Update: Figured it out

meerrk4t · May 12, 2023, 7:44pm

Anyone here for flag6, i got the last one but somehow missed flag6? thank you

MagicBytes · May 28, 2023, 12:13am

I found the credentials to login to the database but i am not able to execute any queries.

Can someone help me ?

MagicBytes · May 29, 2023, 6:26am

nvm got it

Just missing “It’s not a backdoor, it’s a feature”. Not yet sure what to look for.

unknown0 · July 15, 2023, 9:24am

Can someone give a hint for the 3rd flag apart from "Click everything’? I have logged in the Mail!

Found it !

Yovecio18 · July 29, 2023, 8:18am

Any nudge on how to get the 6th flag?

dvir145 · March 4, 2024, 1:19pm

Any nudge for the 6th flag?