Official Caption Discussion

Sometimes you can have your cache and eat it too

That’s the reason I paused solving this box and switched to PortSwigger’s labs, where I can find and practice cache cases :wink: In my opinion it will help me to understand these kinds of bugs.

Thanks for the hint!

Cheers

Nice! No problem. Practice is always good. So is context. This is a CTF. It’s a manufactured game. If there’s an extra intermediary somewhere, then it’s probably either opening up a vulnerability or complicating another one.

Hi. I’m having problems with logging in on port 8080. I know what the credentials are, but I don’t know why it won’t let me log in again. I’ve already rebooted the machine 2 times.

Any hint to bypass login in GitBucket?

Any hint to bypass 403 to get the /logs file?
I’ve bypassed the Varnish proxy via a smuggling attack, but the ACL rule of HAProxy intercepts the request and it could not reach the backend server to retrieve the logs file.

bro use h2csmuggler

Is there anything I need to do first before trying to use h2csmuggler? I see some comments about abusing CSRF or XSS attacks, but I can’t see a method of where these would be used.

u just need admin cookie

I have no idea how to get this cookie with sm*** I try with some X**

Feel free to DM on here or Discord if you’re still stuck. I managed to own this box last night.

To get user was interesting, but the root privexec was so niche.

admin cookie with cache poisoning