Official Toxic Discussion

Official discussion thread for Toxic. Please do not post any spoilers or big hints.

Great challenge!! Really useful to familiarized with common web vulnerabilities. Feel free to ask for a hint

hint please, first challenge :disappointed:

Can i also have a hint :frowning:

Lovely challenge! A bit different from common web vulnerabilities (especially with the added randomness), so the extra challenge was a good learning experience.

Type your comment> @Sirbot said:

Can i also have a hint :frowning:

@alketsh said:
hint please, first challenge :disappointed:

you have a source code :wink:

I want to say this is a pretty nice challenge especially the second part :wink:
pm me for nudge

did it after help from @7Rocky :smiley: :

Can someone can give me a hint on how to hadle the randomness ? I tried with bruteforcing it but wasn’t effective…

Type your comment> @TheEmix said:

Can someone can give me a hint on how to hadle the randomness ? I tried with bruteforcing it but wasn’t effective…

You need to upgrade your Low Floor Industrializer to a Really Cooperative Experience. The challenge name sort of relates to the technique. If it’s not toxic nor venomous, what could it be?

Nice hint :lol:

I went a bit too quick into the exercise without realizing that the name of the flag is NOT just /flag so don’t do the same mistake…

Can someone give me a hint? I am new at this.

Can someone explain to me what tr -dc ‘a-zA-Z0-9’ means? I know it might have nothing to do with solving the challenge, but I just want to understand.

@Eren said:
Can someone explain to me what tr -dc ‘a-zA-Z0-9’ means? I know it might have nothing to do with solving the challenge, but I just want to understand.

tr translates one set of characters to another set of characters. For example echo hackthebox | tr 'a-z' 'A-Z' would output HACKTHEBOX. The -d flag deletes a set of characters and the -c flag inverts the set so tr -dc 'a-zA-Z0-9' would delete any character that isn’t a letter or a number. For example echo 'h&ck+th3B%x' | tr -dc 'a-zA-Z0-9' would output hckth3Bx.

FWIW I didn’t need this to complete this challenge but it’s good one to know about. You can find out more with man tr.

Type your comment> @ily said:

@Eren said:
Can someone explain to me what tr -dc ‘a-zA-Z0-9’ means? I know it might have nothing to do with solving the challenge, but I just want to understand.

tr translates one set of characters to another set of characters. For example echo hackthebox | tr 'a-z' 'A-Z' would output HACKTHEBOX. The -d flag deletes a set of characters and the -c flag inverts the set so tr -dc 'a-zA-Z0-9' would delete any character that isn’t a letter or a number. For example echo 'h&ck+th3B%x' | tr -dc 'a-zA-Z0-9' would output hckth3Bx.

FWIW I didn’t need this to complete this challenge but it’s good one to know about. You can find out more with man tr.

Thank you very much. I understand it.

.

Nice challenge! Also, @Fugl hint is gold!

Indeed, @Fugl post is a riddle in itself, at least for noobs like me, but after wasting hours in what turns out to be a dead end, it guided me towards the solution. Grade A comment.

hello, i know we need to upgrade our Low Floor Industrializer to a Really Cooperative Experience, but the cereal isnt working, any tips on how to make the cereal and uncereal work? i figured that i need to construct a suitable payload in the cookie :v