thank you man…took me 3 weeks, but it’s done…
SPOILERALERT
Short Guide to help you since the Module didn’t explain some important steps.
I will leave most of the steps explained in the course out.
First:
You don’t need to do the server part, it was only required to understand how to use the SQLi.
Second:
The only things you need to change are the port in beans.xml, deleting most of the MANIFEST.mf exactly as explained in the course and changing the User.java file in htb\fatty\shared\resources.
Additionally, you need to delete the 1.RSA and 1.SF from the META-INF directory.
Steps:
Change the port in the beans.xml and delete the hashes in the MANIFEST.MF and leave a new line beneath it. Save and jar -cmf .\META-INF\MANIFEST.MF ..\fatty-client-new.jar *
exactly as explained in the course.
Check if you can log in with the given credentials. (if not, repeat the first step and look at the course explanation)
Now the steps that are insufficiently explained in the course.
- Drag the fatty-client-new.jar onto the JD-GUI in the C:\tools\
- “File” → “Save all resources” to C:\Apps\
- Extract the jar.src file to fatty-client-new.jar.src\ in the C:\Apps\
- Change the htb\fatty\shared\resources\User.java file to
javac -cp fatty-client-new.jar fatty-client-new.jar.src\htb\fatty\shared\resources\User.java
mkdir raw
cp fatty-client-new.jar raw\fatty-client-new-2.jar
- Go to the raw directory and decompress the fatty-client-new-2.jar by right-clicking and “Extract here”
mv -Force fatty-client-new.jar.src/htb/fatty/shared/resources/*.class raw/htb/fatty/shared/resources/
cd raw
jar -cmf META-INF\MANIFEST.MF traverse.jar .
- open the traverse.jar file and do the SQLi as explained in the course
- open the Ipconfig tab in the client to answer the question
If I missed something or made an error please correct me.
thanks buddy, solved , struggling about 2 days anyways…