Official DoxPit Discussion

Official discussion thread for DoxPit. Please do not post any spoilers or big hints.

what the f is the way to interact with the backend

2 Likes

Sometimes you need to check something before the code

How to interact with backend???

in AV, there is an unsafe method being called that should suggest a certain type of exploit, and the fact that the author blacklists certain characters in a parameter

1 Like

any hints? did you figure it out?

that filter bypass is crazy. nice challenge.

2 Likes

Do you have any hints for the filter bypass?
I just can’t figure it out

I would tag ssti blind injection rce jinja2 filter bypass
and we got google vs chatgpt. no more hints.

why would I be googling jinja2 ssti?

1 Like

I’m trying to bypass the filter, I bypassed all the chars except the “\”

do you have a critical hint that gets me out of this challenge? Btw ChatGPT is not helpful for me, he always uses badchars to fix my payload.

actually you don’t need a backslash, nor chatgpt. all you need is to read some pages and figure out how to smuggle a character.

I was frustrated for a while, but it was super satisfying figuring out how to talk to the backend!

I was able to interact with the backend and register but I can’t get the token. I tried with curl and Burp Suite but I get the same result, the response is {}.

Help would be appreciated 🙂

how to interact with backend

stuck on how to bypass the character _ and .
can anyone give me a nudge on how to move forward?

Hey guys, I’m stuck. I managed to resolve the chall locally, but when I try to get the flag from the instance I can’t get it

after 4 hours I could finally solve it. probably the hardest one I’ve done so far

anybody pls nudge me, how to interact with background. Stuck on 1st step

Wow this was a cool one - very interested to see how others did the last part, if you are keen to swap let me know!

Pretty hard one. Nudge for tips.