Hello everyone, Can anyone help me with this one?
I stuck on this academy section - Login : HTB Academy.
I used multiple scenarios but no luck:
127.0.0.1%0a{IFS}{ls,-la}${IFS}${PATH:0:1}Home
127.0.0.1%0a{IFS}{ls,-la}${IFS}${HOME:0:5}
127.0.0.1 ${LS_COLORS:10:1}${IFS}${PATH:0:1}home
I am not getting invalid input in the responses for the above, but no luck finding the username so i believe to be in the right path of solving it.
Can anyone give me a tip to continue?
thank you in advance
Go step by step.
First, find a payload that gives you something in return. Example just ls
If that works, extend your payload. Example ls /
If you found a payload which works here, extend your payload further.
Could someone give a hint for this that is not this level of cryptic as the previous hints.
There’s a gotcha that you need to worry about. What I was doing, which I believe many are doing, was preparing the payload according to my machine’s environment variables. However, that is not always the same as the machine we are attacking. As a result, I first ran the printenv to have a look at the available environment variables on the target machine and adjust the payload accordingly.