Official Shoppy Discussion

Hi,

This is my first time posting on the forums; apologies if I make any mistakes. I need some help.

I’ve hit the page where you need to perform injection, however all I get are bad gateways. I’m not familiar with *** or nl. I’m trying to learn how to tweak the injection payload and using Burp’s Intruder to automate requests. Without having to take a nl course, how does one even know where to tweak the payload? I’ve tried everything I could find on Google, even others’ writeups, and they don’t explain how they got to the conclusion either. I have a feeling I’m not learning anything anymore and just wasting time. I could just use the injection from the online writeups, but I would rather learn why it works, the resource used, or how you made the resource yourself, etc.

Thanks

Bypassed auth, found some md* h****, got one (j***) but the other (a****) may require some real effort. I know a user account on the box but the creds I have don’t match. Do I need to brute or dic both h****? I really don’t want to spend the effort going through an actual brute force if it is not necessary.

Finally rooted.

For foothold:

  • Getting timeouts? Try switching up the parameter you’re tweaking. Sometimes values are hashed, ya know :wink:
  • Maybe there’s more than one site running… Try enumerating with some wordlists

For root:

  • Dig into info you uncovered from the foothold… and explore what the user is capable of

Rooted.

Fun easy box, DM if need help.

Hi there,
I’m stuck after finding the hashes. I looked up what comes next in some writeups and I can’t find this m**m subd. I used almost 15 different wordlists to brf with gobuster, ffuf, wfuzz and dnsrecon and found nothing. How did you get it?

EDIT: got one!

Which tool do you suggest? Which wordlist?

Managed to root the box! It’s my first :slight_smile: Messing around with /etc/hosts was the biggest hurdle for me in the end :see_no_evil:. One problem though; both the user.txt and root.txt are not accepted by HackTheBox, does anybody else have this problem? I cannot reset the machine as the reset limit is reached for today… So I’m not sure if somebody changed the flags. You are supposed to submit the hash right?

1 Like

Hey can you help me pls :slight_smile:

Seclists DNS

1 Like

Just use a basic injection. Maybe the operator “OR” can be written in another way.

1 Like

Anyone got a quick sec for DM help on foothold? I feel like I’m almost there.

I’m getting timeouts and I’ve tried switching the payload to other parameters. I don’t understand how hashes come into play. I mean, I understand that the **sql database is most likely storing hashed passwords, but I’m not really sure how my injection technique can take that into account?

Please can I request some help. I have found the hidden subdomain and the service running on the non-standard port. I am convinced I need to do something with the URL for the service but I can’t find anything in my research.

Thanks

The login form injection for this seems anything but straightforward. It is definitely a bottleneck in the process and can bog people unfamiliar with injection (myself) down for hours or days. Is anyone willing to discuss at least what tool they used to accomplish the task?

1 Like

Rooted! DM me on discord (n3hal#1527) if you need a hint.

I would like to second this as I’m currently stuck on this step. A few people in this discussion mentioned that the solution didn’t make sense to them, even when they found the working payload. Spending hours on a pure brute force method seems to me like a waste of time, because it won’t teach me anything new.
I would be grateful for any hint, which would help me to approach this in a systematic way.

I have the same problem, bro

Hi,
Is there someone to write a direct message to?
I found the solution for the first “problem”, but I only found it through a walkthrough on Google. I’d like to understand how you found the solution.

I need help. I got the export file downloaded with the creds, and I’m trying to connect over SSH with the creds given. Please help.

Hey, I am stuck at this as well. How did you get the result? I have also tried a lot of different solutions and looked at writeups, but nothing; it only works when I add the subd to the hosts file.