Official C.O.P Discussion

Official discussion thread for C.O.P. Please do not post any spoilers or big hints.

hey guys! i found a sqli, but i cant read or write files and cant get os-shell. what’s next? any hints?


You already got a hint - maybe you have not recognized the hint.

1 Like

I’m stuck at the same point :smiling_face_with_tear:
Have tried a lot of things without any result. Any small hint?

1 Like

I found sqli but can not read any server data i am trying SSTI but nothing :upside_down_face:


Does the challenge work for you guys? I managed to pull the exploit locally but no luck on the actual server, wondering if it’s a me thing or not haha

1 Like

what kind of exploit is that?

1 Like

I used the given files to create a local Docker container. As Docker server I use Flatcar Container Linux in a VM. My exploit works with both the local instance on my server and the instance on the HTB server. I did not notice any difference.

I’m also having this issue, have a local exploit working, but when applying the exploit to the live instance, the connection hangs. Tried regenning VPN etc but no dice.

If anyone has any ideas or hints that’d be amazing.

I do not use a VPN to connect to the HTB server for the challenges. The IP number of the challenge docker containers is reachable when the HTB website is reachable.

Maybe you are trying to connect from the Docker container to your local computer. Then your computer must be reachable from the container inside the HTB server.

Hey, I’m just using the HTB VPN, can connect to the live instance and browse the challenge website etc, but when attempting to send the exploit it hangs unresponsive. The exploit is purely local, dumping the flag to a location I know I can browse (hope that isn’t a spoiler, but seems pretty standard practice for the challenges as opposed to going for a shell etc)

I just checked it now. Writing and reading a file with an exploit is possible with my local Docker container and the Docker container running on the HTB. No change between local instance and HTB server was needed (only change of IP and port number).

The access works for me without VPN, only with the specified IP after starting the challenge.

The challenge was pretty straight forward, no difference if you test your payload on a local instance or on the actual HTB container.
For anyone stuck, feel free to drop me a PM.


is The SSTI part of the exploit ? cuz I’ve not figure out the second part after SQLi

Update: I’ve solved it. you should run your docker locally to see what’s happing in the background.

nope, no ssti.

tips: the cult is a suggestion regarding the second part.

ping me on tele Telegram: Contact @lambardarr

I am stuck at SQLI. I can get sqlite version number but could read any sensitive info

please I need some hint I got the sql injection, but i don’t know what next ? what kind of exploits should i focus on

I’ve run the local instance and got a hint when an post is viewed. Tried doing SQLi and seems working but I am not successful with file read or further OS exploits. Not sure if they are due to encoding errors. Suggest me a hints on how to proceed.

Hey @Err0rBladE @osiris, first you need to read the code and know how its works, run docker locally and see whats happens. SQLI is good but you need more LOL.

READ THE CODE :slight_smile: