Academy Server-Side Attacks - Skills Assessment

I didn’t expect it either.

BTW ‘window.location.host’ needs to be replaced by the target’s IP; took me too long to figure that out.

Yes, this is the first skill assessment of all time, which seemed to me a little strange and stands out from the rest of the assessments.

Guys, who passed this module, I still have a question from the section - “SSTI Exploitation Example 3”
I passed it using tplmap, but couldn’t beat it with a self-contained payload.
I’ve tried a bunch of different options, tried encoding and decoding, and using all sorts of tricks.
But not one of them worked.
Please tell me how to modify the script correctly so that it works.
I will be very grateful for your help.

Did you manage to do it? Can you share what your payload looks like?

Nope, alas, I couldn’t beat it.
I can send my attempts at a manual payload via PM.

DM if you are still interested in the example 3 script.

That was funny. Took me a while to figure out the SSTI wasn’t involved in it. 😅

This whole challenge doesn’t make sense at all, not related to the module.

This was a silly skill assessment - very ctf-like and not realistic.

Here are some hints for future people stuck on this:

  1. Check the source code for a .js file.
  2. Execute one of the functions in developer options and look at the network tab.
  3. Use one of the server-side attacks taught in the module to exploit it (don’t overthink it).

Hi,
I have the solution already. But there is no file /static/jquery.js. Is this filename just an example and I should dig deeper to find it?
Thanks

Looks like this module has been updated and doesn’t require anything like before. The skills assessment was pretty straightforward. Still need help?

OK, then it makes sense. No more help needed.

I need help. Give me a hint.

Sure. Where are you stuck?

On the skill assessment.

Ok. But what part of it? Don’t want to give away the entire process. Just want to nudge you in the right direction where you are stuck.

Please give me some hint to start because I don’t know what I should do as I have applied what I have learned throughout the module.

Ok. Ensure you have Burp proxy open/set before going to the website. Then, go to the website and check Burp for any interesting requests that you can test for SSRFs. This should get you going.

Thank you! Finally finished the module.

Anytime 😊