Official discussion thread for Blazorized. Please do not post any spoilers or big hints.
Im ready to hate myself for being dumb. Lets goooooo!
My work lifecycle
- I CAN DO THIS
- Man this is tough
- I hate myself …
- I wonder if I would be good at welding instead
- My career is over
- I GOT IT!
- I’m the best
<repeat>
Let’s gooooo
Man, another Windows machine.
More AD…
I’ll take a small break since I just got Axlle yesterday.
Will throw the popcorn to this post’s comments though!
let’s go guy no popcorn
Anyone got foothold yet shoot me a message. I fear im going down a bad rabbit hole lol. stop me now.
you must create a jwt token and use it for admin pannel check your burp history
it’s related to dll again
So it has to do with disclosed information in disassembled dlls?
yeah look at nuclei blazor template. Then you can pull down the ones that aren’t system ones and decompile using ilspy or something like it
I still didn’t even started the box.
@assquired sent me a youtube video that had a possible path to follow.
Just checking if this is it
I recommend
- nuclei
- ilspycmd
- vscode
as a start
dnSpy is gonna get you there. Also pick up Blazor Traffic Processor on the BAPP store. Make sure you add all subdomains to your /etc/hosts. Happy Hacking (:
Is any one can pwned Blazorized pls give me a hint i am onthe beginning enumuration but i do not find anything except Microsoft SQL Server 2022 16.00.1115.00; RC0+
I think I made good progress on foothold initially, I guess I’m 90% there (I got increased privileges so to speak, but I fail to make the application acknowledge that). Probably because it covers a topic I am procrastinating on for years already.
Welp guess who has a whole lot of reading to do on a subject they know nothing about
<–Its me
First blood root took almost 10 hrs. Yikes