Official Faculty Discussion

Official discussion thread for Faculty. Please do not post any spoilers or big hints.

found sqli in login page, manage to get a hash and usernames. Don’t know where to go next, can anyone give a hint?

Rooted. Nice box! Both user + root were things I had never seen before.

Look into what the web site can do, and what you can download from it. Look closely at the file. Then do some googling

rooted: funy machine :smiley:

Im in the admin panel, any clue of what i have to do?

Full rooted, it’s an entertaining machine with new things, send me a DM if you are stuck. :smile:


trying server side XSS right now, can’t get it to work. Is this another rabbit hole?

Edit: nvm, found another exploit.

I’m terribly stuck in root stage. any nudge can be very helpful :frowning:

Send me DM. :slightly_smiling_face:

hey all - I’ve hit a wall on Root, if anyone can give me a nudge in the right direction let me know

need help, mey be found X** with download but Burp always crash when i send payload to read files


  • web dir enum
  • find a page to use your needle, use it rationally, not brutally
  • understand how to download
  • google for all possible html tags that can help you to read files
  • read a file that’s possibly storing a password
  • what can be run as another user? there is a known exploit for this
  • once you are the other user, find out what other capabilities each program has
  • use your capability to intercept another process

Initial access:

  • OWASP Top 10 :sweat_smile:

User 1:

  • Use the application, analyse its behaviour.

User 2:

  • User input is dangerous, mmkay


  • I’m sure you are capable of figuring this one out.

Is it normal that I got to download a PDF once, but ever since it has been impossible because the machine throws an error? Are you supposed to be downloading them from different subpages? Thanks!

1 Like

check the output of id

Found the SQLi to bypass admin form and login as the admin user, also found the XSS.

I’ve tried to inject XSS data to read files when generating the PDF consulting this resource.

Right now im stucked. Any hint? DM me

now i understood why its funny man! :sweat_smile:

1 Like

what tag to use to read file ? i have tried almost all tags but nothing is working … please DM me :slight_smile: need your help

Then you’ve some other tags left to test right :slight_smile: Do it one will work. As a trick, you’re not limited to test one tag, you can throw all tags at once, download more files in one go… and look for the attachments.