Official discussion thread for nginxatsu. Please do not post any spoilers or big hints.
Finally got it! After digging into a rabbit hole for a few days anyway haha. My hint: don’t feel like you need to go super deep into the filesystem to figure this out.
well, i feel like i’m stuck forever on this one here !!
If anyone is willing to lend me a hint please do so in my DM been stuck for ages lol
I am stuck on the second phase.
I managed to perform the edit of a certain sweet thing.
I think i should perform a s*** on the only unprotected thing now.
I know how to generally blind it, but I can’t bypass those back-ticks.
I bet I am on the right path, but I can’t bypass that
Someone can help/send me hints, please?
I’m stucked second part, i found some blogs and cve but not work, nudges accepted.
Edit: btw solved.
I have coded what’s needed to talk to the app, and i know what to exploit… but am i dumb or S**M*p is unable to exploit it ?!