@farbs said:
@init5 said:
@farbs said:
Validated users and dumped a hash. Onward!
Hints?
Figure out how to properly bypass the WAF
I’d be interested to hear if you have any pointers on how you got the hashes
Anyone had any luck with the hashes yet?
I’ve tried cracking them with some public lists, some of my own and from scraping and still nothing.
nav1n
March 8, 2020, 11:38am
25
Users? You guys got users? Well, any hints to get those 17???
@nav1n said:
Users? You guys got users? Well, any hints to get those 17???
You need to find the part of the site to do with names then bypass the WAF by talking to it differently to normal.
Sorry if this seems confusing. I tried to be clearer above and it got marked a spoiler.
nav1n
March 8, 2020, 11:46am
27
@GoldsteinNZ said:
@nav1n said:
Users? You guys got users? Well, any hints to get those 17???
You need to find the part of the site to do with names then bypass the WAF by talking to it differently to normal.
Sorry if this seems confusing. I tried to be clearer above and it got marked a spoiler.
Got it, thanks a lot
farbs
March 8, 2020, 2:59pm
28
Got user! What a fantastic machine so far. Kudos @egre55 & @MinatoTW
init5
March 8, 2020, 3:15pm
29
I am bashing my head in the wall since last night even after bypassing WAF, nothing is crack-able from what I managed to dump.
@init5 said:
I am bashing my head in the wall since last night even after bypassing WAF, nothing is crack-able from what I managed to dump.
It’s crackable, just not the first thing you see
init5
March 8, 2020, 5:01pm
31
@clubby789 said:
@init5 said:
I am bashing my head in the wall since last night even after bypassing WAF, nothing is crack-able from what I managed to dump.
It’s crackable, just not the first thing you see
I got 17 in total with only 4 being unique, tried rockyou.txt against everything but nothing worked.
I am guessing I’m moving in the wrong direction.
farbs
March 8, 2020, 5:31pm
32
@init5 said:
@clubby789 said:
@init5 said:
I am bashing my head in the wall since last night even after bypassing WAF, nothing is crack-able from what I managed to dump.
It’s crackable, just not the first thing you see
I got 17 in total with only 4 being unique, tried rockyou.txt against everything but nothing worked.
I am guessing I’m moving in the wrong direction.
You’re not moving in the wrong direction. Try harder
init5
March 8, 2020, 10:36pm
33
cracked hashes… aaaand they aren’t leading anywhere?
@init5 said:
cracked hashes… aaaand they aren’t leading anywhere?
I’m at the same point lol
So if you have the passwords maybe you miss the other part…
I’m trying to ask this as cryptic as I can, please mark it spoiler if too much. So I managed to use a user/pass pair in a service where I was surprised I can only access ****** and can’t access D**********, found new information in ****** that I’m not sure yet how useful it is. Is that the way?
Edit: sorry was an idiot, got the user flag
Edit2: aaaaand it was decided that the ‘patch’ will reset all progress… not cool.
argal
March 10, 2020, 10:56am
39
Ok. I guess I’m missing something…
I have no problem getting a list of users (with 2 methods: kte and web front end) and I don’t see any WAF blocking me. By the way, actually I can’t enumerate the web front end (the WAF thing must be here :)) and… I’m lost.
Can’t get any hash from the users I found (even changing domain etc…) so can’t get any real entry point. (nor dictionary, nor dog, nor evil etc…)
So my only question is: should I work harder to scan the web front end, or should I work harder with tools like im t, or is there another way I totally missed?
Is rockyou supposed to be used for the hash? Tried that with about 10 other dicts and nothing so far