Opening discussion on the new web challenge Under Construction!!
Great challenge, a little bit of everything.
I do not agree with the message in the flag. The core problem is surely different to the one described in the flag.
After 2 hours I spot the download, still doesnât help me lol
Yeh! Itâs the same for me! After half day I decided to download the zip but still nothing.
Someone of you could give to me some hints? In my opinion it is something like SQL injection because otherwise how can I read the âflag textâ in a website?
Thank you guys!
Awesome challenge !
You have to exploit two things.
For the initial foothold, look at the sweet thing when you are logged in.
Btw, I donât know why you speak about downloading things or maybe there are unintended ways.
Enjoyed the choice of DB. Something different.
Sometimes this error " user ââ> doesnât exist in our database." happens. Is it the right way?
Type your comment> @Ga330 said:
Sometimes this error " user ââ> doesnât exist in our database." happens. Is it the right way?
I think so, maybe it is indicating for sql injection. Because if you see the downloaded files, there is an exception.
My guess is that it is with some Loop SQL Injection 
We need to bypass the sanitizing login firstâŚ
Spoiler Removed
Type your comment> @thecowmilk said:
Type your comment> @Ga330 said:
Sometimes this error " user ââ> doesnât exist in our database." happens. Is it the right way?
I think so, maybe it is indicating for sql injection. Because if you see the downloaded files, there is an exception.
For this challenge I found two different ways but I donât know which one is the best. The first way is to try by using some SQL code to be execute as I mentioned before. The second way could be to make the flag appears once the login is done. And this is why I notice that if you write some javascript code (like alert() message) it will be executed in the main page after login.
So my question are, in your opinion, what is the best way to capture the flag? In the second way (using an alert() message) is it possible to make the flag appear in some how?
Thank you guys!
â â â â ⌠I havenât solved the challenge yet and I commented something which was a spoiler⌠IâM SHOCKED!
@Ga330 said:
Type your comment> @thecowmilk said:Type your comment> @Ga330 said:
Sometimes this error " user ââ> doesnât exist in our database." happens. Is it the right way?
I think so, maybe it is indicating for sql injection. Because if you see the downloaded files, there is an exception.
For this challenge I found two different ways but I donât know which one is the best. The first way is to try by using some SQL code to be execute as I mentioned before. The second way could be to make the flag appears once the login is done. And this is why I notice that if you write some javascript code (like alert() message) it will be executed in the main page after login.
So my question are, in your opinion, what is the best way to capture the flag? In the second way (using an alert() message) is it possible to make the flag appear in some how?Thank you guys!
tbh I have a conclusion that sql is not the the correct way to do it⌠lol
Yeh 
Iâm trying to find a way to see the flag by using javascript. The problem is that I donât know where to find the flag⌠or better I donât know how to interact with DB!
Got something working locally, but breaking on dockerâŚ
XSS is client side. You do not need to hijack an accountâŚ
So imo, XSS or any others clientside attacks are irrevelant here.
Maybe this will help:
- There are 2 vulnerabilities (OWASP top 10 <3)
- Should simply âreadâ the flag, not overthink it
- No need in javascript at all
For me, one popular utility didnât work properly. But python + hands help a lot.
Awesome challenge, had a lot of fun on this one!
Type your comment> @Danr0 said:
Maybe this will help:
- There are 2 vulnerabilities (OWASP top 10 <3)
- Should simply âreadâ the flag, not overthink it
- No need in javascript at all
For me, one popular utility didnât work properly. But python + hands help a lot.
Can you say to me the two vulnerabilities?After two days Iâm still trying to solve itâŚ
Hmm found a certain âprivateâ something⌠Not sure what to do with it though