Official discussion thread for Compiled. Please do not post any spoilers or big hints.
1 Like
Its that time once again boys! 
7 Likes
Oh man. Lol this gonna be a doozy
yes 
I got some pbkdf2 hashes someone can help me to “transform it” into hashes to be cracked by john or hashcat?
Any hint guys? I tried the possible path I know (pre-build event) but didn’t get any thing
yeah thats not the way, look to the headers when the app tries to clone your repo
2 Likes
found what do to with both websites and the CVE/exploit but don’t really understand how to use it with the second website, anyone care to help ?
This was a hard one 
But finally made it
1 Like
More AD!? 
Still going through some old boxes here before trying this one
3 Likes
I think this machine has 0 AD
2 Likes
Yep, there is no AD
No AD so far. That foothold is wild though. brush up on your GIT skills
A whole lot of code reading and vulnerabilities in code then!?
The name is pretty inducing!
I continue stuck after the first rev shell 
Technically a CVE to take advantage of but the execution is quite frustrating. Foothold really didnt require much code reading other than whats available but it doesnt help much. The vulnerability is in the code technically
2 Likes
Someone who managed to get a working RCE via the famous CVE and want to drop me a nudge? Please, DM 
need one as well. I also tried a different vector: Trying to RCE from the build system(msbuild) but for doesn’t work for some reason. possibly it doesn’t build anything even though it claims to.
1 Like
Also struggling to get a foothold. Managed to get a hash of a user but it does not crack.
I think if you look at the RCE its overwhelming. I think a lot of people seem to be overlooking the Register button 
That takes like 80% of the hard part away.
3 Likes