| |
|
K32.nix
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 78
|
| |
|
|
|
 |
|
|
doubt,s hints, anything related to this chal...post here!
|
|
|
| |
|
|
Ratinho
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 52
|
| |
|
|
|
|
|
|
mhmhhm =\
hint plz :S
brute force on the folders and files??? :s
|
|
|
| |
|
|
cp77fk4r
Global Admin
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621
|
| |
|
|
|
|
|
|
try to do this chall with sniffer
|
|
|
| |
|
|
K32.nix
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 78
|
| |
|
|
|
|
|
|
The only thing i can't understand are those "|"... =P
shouldn't it be "/"?
|
|
|
| |
|
|
cp77fk4r
Global Admin
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621
|
| |
|
|
|
|
|
|
K32.nix
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 78
|
| |
|
|
|
|
|
|
I've got the message with "arrays"... i tried to unescape() it... (i think i'm not on the right way) and i got those "|" intead of what i thought it should be.."/".
Any light at the tunnel's end?
|
|
|
| |
|
|
zEt0s-
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 130
|
| |
|
|
|
|
|
|
Dude, i'm not sure we talk about the same lvl :P
|
|
|
| |
|
|
Ratinho
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 52
|
| |
|
|
|
|
|
|
| cp77fk4r: | | try to do this chall with sniffer |
well i tried again....but i found only the regular http requests...and some tcp but not something helpful...
|
|
|
| |
|
|
cp77fk4r
Global Admin
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621
|
| |
|
|
|
|
|
|
sometimes, regular http req or _cookies_ can be very helpful to locate directory on a server...
and it's a very big hint!
|
|
|
| |
|
|
Ratinho
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 52
|
| |
|
|
|
|
|
|
ok passed
ppl, u need to delete the cookies of the forum for this level...pay attention!
|
|
|
| |
|
|
Garfield
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 7
|
| |
|
|
|
|
|
|
I deleted cache & cookies, and the only thing i get after refrshing the page is a new cookie with a new phpsessid
I sniffed with wireshark too, without luck
|
|
|
| |
|
|
cp77fk4r
Global Admin
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621
|
| |
|
|
|
|
|
|
Try to think how can you use this session to locate the file that create it!
|
|
|
| |
|
|
Garfield
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 7
|
| |
|
|
|
|
|
|
Passed now. The idea came just after writing my message above :)
|
|
|
| |
|
|
cp77fk4r
Global Admin
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621
|
| |
|
|
|
|
|
|
tomer321
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 120
|
| |
|
|
|
|
|
|
i read your posts but i still don't know what to do with the phpsessid cookie or the http request... help please
|
|
|
| |
|
|
cp77fk4r
Global Admin
Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621
|
| |
|
|
|
|
|
|
Try to read about session and session flexing.
|
|
|
| |
|
