We should try harder guys :bawling:
I am … I am
Hi,
Could anyone give me a hint how to escape the “extension” issue?
thanks!
can someone PM me to discuss further, ive tried harder but i think im missing something… i can explain in PM to reduce spoilers…
I’m also stuck getting rid of the extension so someone PM me because I think I am very close but don’t want to accidentally spoil
I probably am in the same place as the previous posts… I can read some source code, and i got direct access to the file tips I upload. Payload in the files however does not want to execute. Anyone willing to pm a nudge? Thanks…
The payload must be “handled” properly. I had to use the editor in the proxy to tweak my upload request after sending it from curl.
This thread now contains multiple hints. Thorough research for all possible ways to get execution with the site’s technology is useful.
@windsurfer said:
I probably am in the same place as the previous posts… I can read some source code, and i got direct access to the file tips I upload. Payload in the files however does not want to execute. Anyone willing to pm a nudge? Thanks…
modify the post payload according to the hint in the source code…
Hey can I get some hint, I am drawing absolutely dead, cant even locate the files being uploaded.
I know the type of attack we need to perform but nothing is working.
Thanks
Okay i was able to read the source codes for the file as well the darkarmy message.
But not able to upload files for RCE. Anything there??
The source code comments suggest that RCE is tricky and also gives some hints about the right/wrong idea to get RCE. You said that you know the type of attack, but are you sure you have analyzed all the different paths to RCE with the programming language that site is using? This is a bit exotic, but not obscure. Well documented, just not the most popular RCE path and the most popular paths do not work in this case.
Hey guyzz …!! stuck on the initial stage , read the first hint by W!@#$r0Z.txt , then according to it got a parameter which says that "Its *** **'s ",
am I on the correct path,
i think it will lead me to a sourcecode disclosure smthing…idk yet
some hints are welcome,
Thanks …!!!
@lokori @abogaida @3mrgnc3
@p5yph3r said:
Hey guyzz …!! stuck on the initial stage , read the first hint by W!@#$r0Z.txt , then according to it got a parameter which says that "Its *** **'s ",
am I on the correct path,
i think it will lead me to a sourcecode disclosure smthing…idk yet
some hints are welcome,
Thanks …!!!
@lokori @abogaida @3mrgnc3
Unfortunately I do not have a shell yet 
Could anyone point me in the right direction in regards to looking for the initial entry point? I can send you what I have so far over PM to avoid spoiling it for others!
@druid there is a way to read source files with some tweaks.
check this “https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion%20-%20Path%20Traversal”
Thanks @kamalawy, I’m struggling to even find the right parameter 
. Guess I’ll just keep poking at it, but feeling veerrry lost with this one.
@kamalawy said:
@druid there is a way to read source files with some tweaks.
check this “https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion%20-%20Path%20Traversal”
all I get is a comment over 90s
@macw141 said:
@kamalawy said:
@druid there is a way to read source files with some tweaks.
check this “https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion%20-%20Path%20Traversal”
Have it, great tip! Thanx! Did not try earlier this way.
I think this is my favorite htb… great box all around