Official Toxic Discussion

Hello, I know we need to upgrade our Low Floor Industrializer to a Really Cooperative Experience, but the cereal isn't working. Any tips on how to make the cereal and uncereal work? I figured that I need to construct a suitable payload in the cookie :v

No need to construct a payload in the cookie, you need to upgrade in a Toxic way

ok thanks

What does "upgrade our Low Floor Industrializer to a Really Cooperative Experience" mean?

And what does it mean with "you need to upgrade in a Toxic way"?

I never solved one before so I'm really new to this.

Greetings

Thanks to @Fugl for the nudge above, eventually figured out what your riddle was telling me and was finally able to move on!

Could anyone help? I have done the malicious edit and get a result that proves I am past the first part.

What a nice little challenge! :wink: Really enjoyed it, even took the time to script everything out for the bruteforce before I connected the dots. :slight_smile:

I finished the challenge, but I was unable to get a shell. Anybody in the same boat, or am I missing something?

@0xd4y said:

I finished the challenge, but I was unable to get a shell. Anybody in the same boat, or am I missing something?

Do you have public IP address?

Can someone PM me a hint for the second half? The other hints don’t seem to make sense to me.

Thanks for the challenge! Fun yet also really practical.

This was fun, learned a lot.

I just finished Toxic and I think the first half is pretty easy. I discovered the vuln pretty quickly and could read files like /etc/passwd etc…, but I could NOT figure out how to read the flag, which has a trailing random value. After much study and scrolling through the comments, I learned why this challenge is called Toxic (a synonym for another well-known attack vector). So, when I thought I had it all figured out, it still no workie :frowning: I had a Server 500 error when I changed some parameters of my payload.

I finally enlisted my inner Tier 1 support and restarted the target instance and BOOM, my thing worked and I got the flag. A mix of my n00bness + boned instance == time I wish I could get back! Cheers!

Look for the answer in the logs…

Poisonous? I have found the vuln and I am able to read stuff like /etc/passwd and /etc/hostname, but not the flag. Do I need to provide something like a file to upgrade to a Really Cooperative Experience?

When I edit cookies I cannot see anything on my site. Why does that happen?