Official discussion thread for Headless. Please do not post any spoilers or big hints.
That wasn’t too bad. Good luck everyone!
Probably a little too easy - still fun, but over too fast.
1 Like
Have a lot of leads. Tried several related “snacks” and such. However, I am totally stuck. Any hints you can give without spoiling?
What have you tried so far? Pay attention to the error message.
1 Like
I finally figured it out. I was trying in the wrong place… if that makes sense.
Any useful hints ? i got no idea what to do after playing with requests .
the root was very easy .Owned Headless from Hack The Box!
Any1 able to give hints, feel as if I have fallen down a rabbit hole by over complicating it. It feels like I have tried everything yet I have nothing in return.
Nice VM, fairly easy foothold, and very, very easy root part
Owned, free dm to hints.
2 Likes
Is the is_admin cookie flask-based or do I have to reverse engineer how that works on my own? flask-unsign is still chugging away so idk if that’s working
check dm
Finally Did it…Machine is easy,particularly root…User got tense for me as my payloads were not landing…Had to reset the machine for it to work…
Has anybody faced the situation when you need to submit payload more then one time in order to make it work? How it can be explained?
Cool and easy machine.
DM for hints
Got a little lost due to missing an integral part in my enumeration. Overall it was an interesting experience and a pretty fun one!
Anyone needing help hit me up,
Good luck everyone!
any hints guys ? i see everyone saying so easy but i guess im over complicating it xD
Took me far too long for user, spent a lot of time going after the wrong thing. But root was a piece of cake at least!