@limbernie said:
I sorta ‘guessed’ the username from the comments. Now, how do I search for attributes in the four-letter directory service? Step up my enumeration game?
Very interesting box…
Did you guess the username from comments here in the forum or those in html? Are you intended to guess or is it possible to find it? Hate guessing.
Guessing is actually not required but because I’m a noob when it comes to the four-letter jab, I had to resort to it.
Based on the little information you have - research what sort of ‘backend’ is typically used for systems like this. Then do to this backend what you normally do to relational databases.
You can guess the username, but it is possible to slowly and gently ‘brute-force’ it - might require trying different wordlists.
As for the enigmatic error message / next step:
I hope this does not make it more confusing, but I consider this a ‘higher order’ of the method you used in the first step (borrowing technology from the way you attack databases).
Right on cue.
I was waiting for you to swear at me as usual @izzie
I have had a look at the box yes. Seems very well made and has a clear structure and way forward. It’s a very different style from what I like to make but imho there is room for variety on here.
Why do you get so offended so easily?
I really have no animosity towards anyone on here, even you.
If we can’t debate different ideas without being ranted at that’s a real shame.
@izzie and who tf are you btw? you’ve pwned this box? and @3mrgnc3 even apologized. mate, do YOURSELF a favor, and shut up. you don’t know who you’re talking to. and it’s a public forum, everyone has the right to share opinions.
Gold.
“do YOURSELF a favor, and shut up. you don’t know who you’re talking to” then followed by “it’s a public forum”.
This machine silently kills me :lol:
I’ve been trying multiple things, but cannot achieve anything past the login page. A nice challenge indeed. Kudos to @0xEA31
@izzie and who tf are you btw? you’ve pwned this box? and @3mrgnc3 even apologized. mate, do YOURSELF a favor, and shut up. you don’t know who you’re talking to. and it’s a public forum, everyone has the right to share opinions.
Gold.
“do YOURSELF a favor, and shut up. you don’t know who you’re talking to” then followed by “it’s a public forum”.
Make your mind up m8 xDD
IKR and yes I have pwned it, I must be cheatin’ loool.
Man this is a tough one. I think I figured out what’s running in the backend, been able to inject stuff in the username field which came back as “Cannot login”. Then I figured out what seems to be a valid username. For the password piece I’m lost. I saw the comment that mentions what kind it is, looked for that kind of token with the specific auth backend in use. But I don’t know what I need to do to get logged in. Do I need to generate one of these One Time Passwords? Or is there an injection to bypass it altogether? Sorry if this is too much spoiler… Anyone to PM would be greatly appreciated!
I’m really struggling to get a foothold. I’ve enumerated a valid username for the initial login, but I’m not sure what I’m intended to do for the password. I’ve been researching based on the terms mentioned in this thread, and I have a guess what the backend might be, but that doesn’t seem to be helping.
I’ve tried messing with some injections, but have yet to identify an injection point (and also, using scanners here is painfully slow since a tweak is necessary to avoid getting temporarily banned). Even with a guess at the backend, just trying injections and hoping something works doesn’t feel like the right path. My guess could be wrong, anyway.
What should I be looking for here? It feels like there’s so little attack surface at this stage that I’m lost on where to go next.
After reading 2 pages of guys measuring dicks to each other, I found no hint on where to start. It’s been a long time for me since I came across a box and was stuck for hours on the initial page/scan with nothing in my mind to try, so first congratulations to @0xEA31, love this kind of thing.
With that being said, can someone recommend me a read or where to start with this ctf technology?