HDC | Web Challenge

Hey,
i’m quite new here and just solved the web challenge but i noticed some things that bothered me.
Firstly that you had to guess the email-address that seems kind of odd to me? Did i miss a hint?
And secondly i noticed that there was an other admin panel under the port 32768. I really wonder what it does or/and how to get access to it? “The hint is bruteforcing but i didn’t tried it yet”

Hello Axon, regarding the other port, its just another user’s instance. Nothing more for you to exploit.

Thank you, i just noticed that the name is the name of an other challenge.

Ok bro so any hints here I was intercepting the response and trying basic bypass techniques but NADA any nudge in the right direction?

read the source. it is all there

gone through source page of HDC & challenge001 but didn’t know how to proceed further…

look at the source page and digging in JavaScript files

found nothing interesting found maybe missing something obious

@B0rN2R00T said:
found nothing interesting found maybe missing something obious

as other said, look deeper in the JS files.
if you do not find anything interesting you did not look well enough

Atlast i got it…Even though it feels like spilling blood out of my eye’s while looking depeer.
For those who are still stuck at login page go through JS files and use colors to get clear look coz there’s 99% chance you’ll miss it when reading in monochrome style :slight_smile:

I was able to send the email. And now?

@andremilke said:
I was able to send the email. And now?

I got it.

I Cannot understand where should i start…

“Check the source Luke”

BTW this thread is full of tips. To be honest if you"hacked" yourself inn without help this task should be “easy”

If you feel you are hitting brick wall and really don’t know what to do than pm me, I will help.

Need a little nudge? Can help you! Inbox!

I found there are some stego stuff in ‘gray matter’ logo on the top-left of the index page.But run my worklist cannot stegocrack the image. Am i on the right road?

I have noticed (presumably) prebid.js on the site. I’d doesn’t seem to be related to task so I’m wondering whether someone uploaded it there for malicious purposes. Any hints?

Completed it!
A bit of patience and some common sense will take you far :slight_smile:

PM me if you need help

Hi!
I got the e-mails but I don’t know what to do with them.
I know there’s a form to send a message but I don’t get anything in the reply.

Hi guys, on this got to the point where i can use the emails but looking at the ‘tool’ I am not getting the expected result ? any pointers ?