I’ve identified web cache poisoning… but as any/ALL parameters seem to be keyed, can’t get that to work… I’ve dome some version enumeration and see a known CVE… but back to the above, can’t get that to work as everything is keyed… Found XSS, but again going back to points above… no-go. Tried running wsvc but it didn’t yield anything. Have also tried Fat GET (zero indication that’s vulnerable)… any help? Thanks!

So solved it – everything you need is there… just pay VERY CLOSE ATTENTION… and keep at it… and with enough baby steps, it all comes together absolutely… beautifully

1 Like

hey! can you give me a hint please? I’m suck on this assessment like forever x.x