Get it, I think this challenge is not worth the time passed on it.
But anyway, even if i feel that i’ve wasted my time i’ve learned a bit of stuff.
This challenge in an union of error and trial.
Hi!
I think there is a problem with the creation of the instances for this challenge. I was working on it yesterday and it was working fine. But now I can’t connect to the webserver port when I create a new instance.
Can someone one validate that it’s not just me?
Thank you!
Same issue with me here
Same issue…can’t connect to challenge after spawning instance. For what it’s worth, filed a support ticket:
Jira Service Management
Also having the same issue with the instance not being accessible after starting
Why ezpz not connecting? Is it not working now? I can access other web challenge except the ezpz.
FYI…support starting to look at this challenge…hopefully they can fix soon…
Hey everyone,
I’m a noob, but how should I have a stable connection with it?? I can’t connect to it.
Notice: I’ve tried S"L"i
Type your comment> @arg1 said:
FYI…support starting to look at this challenge…hopefully they can fix soon…
I hope so because I still can’t open it from my end too till now.
Support has tried a few changes, but so far it’s still not properly working…support ticket still open
Yay! Support fixed. Hope it stays up. Happy hacking all!
Type your comment> @Crafty said:
You can PM me guys but please tell me what you have tried so far.
I got through the first notice but i am unable to clear the second notice and I don’t know what to do with the hint provided. Help plz
okay this was crazy, its actually pretty easy, the only thing that confused me were all those errors and the waf, but when u pass through this it’s really straightforward, thanks for the box
Type your comment> @misofani said:
A small hint for the last step. You don’t really need the column.
How did u solve it without knowing the column? I had to first find out(and only then I managed to solve it), PM me if u can 
Type your comment> @vellichor said:
Type your comment> @misofani said:
A small hint for the last step. You don’t really need the column.
How did u solve it without knowing the column? I had to first find out(and only then I managed to solve it), PM me if u can
Just solved it. Good challenge. I guess @misofani means the very “last step” doesn’t need you to know the column names.
Also a small hint. There are two ways to get table names:
- (easy way) quote it in “mysql way”
- (hard way) forget about information_schema, ask mysql instead.
Hope it’s not a spoiler.
Hi, I’m stuck on bypassing WAF, tried few things, anyone can help me?
You don’t have to send whole payload at once. Try different parts of it to check what WAF reacts to. After you notice CHARacteristics of the WAF consult Google on how to bypass it.
thanks, I will try that
I am currently struggeling in getting the data without knowing the column name.
I found a way which should work, at least it is working on a local database. But unfortunately this results in a too large request URI at the challenge.
Could need a nudge per PM on how to do the correct thing without knowing the column.
EDIT: I was just missing a character in my query which resulted in an error. Just double check your queries…
Thanks @Drxxx for the help! Great guy.
very interesting challenge… not so simple anyway
got it, feel free to PM me
Finally got the flag…! PM for any help…