Official Editorial Discussion

Official discussion thread for Editorial. Please do not post any spoilers or big hints.

Here we go boys

1 Like

yeah bouy

Is it the file upload or am I looking in the wrong spot?

1 Like

Preview more likely

1 Like

Preview seems interesting…

it previews an image file

I think it is command injection but I am super super super super super stuck. A small hint would be awesome please

I can’t tell after the preview which kind of shell to upload. Any hints?

I am super hard stuck. I think it is command injection. A small hint would be a W

1 Like

I found the directory where the files are stored, but when I try to access it, it just downloads the file instead of displaying or playing it in the browser. I’d appreciate any hints.

Yeah, same as everyone else, not entirely sure what to do with the preview feature. Uploading shell files and previewing them doesn’t really seem to do anything.

u don’t need to upload a shell, just enum more, u will get what you need

3 Likes

yes, I didn’t upload the shell. I just got what I needed from the preview, but there’s an issue—the shell isn’t executing. any hints, please?

I think I have to perform python injection to execute commands via the URL. Am I wrong? I am hardstuck

Pls modify script to remove “new_changes” if it exists because it doesn’t work properly

3 Likes

enum what? we only have the url and the upload directly

3 Likes

I am all out of ideas ■■■■

1 domain, 3 pages, 1 upload page, I tried enumerating everything I can see, but I can’t do xss, dir trav, command injection, or uploading to get a reverse shell. I’m hard-stuck. any hints?

I’m sure it’s something with the upload, it’s just I’m not familiar with how it works