FLAG Context Fortress
by y0ukn0wm3 - October 24, 2020 at 03:32 PM
#1
This thread is created for sharing thoughts, tips and tricks for the fortress. Please don't spam it with links to other threads or selling stuff.

First flag:
But we have SSL?:
The flag is found in one of the source pages and creds for logging into the admin can be found there
Reply
#2
Yeah, I also got this step, did you get next step?
Reply
#3
nmap shows port 3389 rdp, tried to login with the credentials on source, but failed
Reply
#4
It's a SQL injection in the admin panel
Reply
#5
Hints for the SQL injection???
Reply
#6
(October 26, 2020 at 04:28 PM)Jac0810 Wrote: hints for the sql injection???
Reply
#7
(October 26, 2020 at 04:28 PM)Jac0810 Wrote: hints for the sql injection???

When we have the creds and access https://10.13.37.12/Admin/Management, we can see that we can add products. If we add quotes in certified, we see that it throws us an error, which made me think that it is a syntax error. So we add 1 ") - - and it shows that we successfully added the product. You can intercept the request with Burp Suite and use sqlmap -r request-addproduct and get time-based SQL injection, stacked queries, etc.
Reply
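
Added example, not part of the thread or of the Fortress application: why a quote in a form field produces a syntax error when the INSERT is built by string concatenation, next to the parameterized form that stores the same input as plain data. It assumes SQLite and a hypothetical `products` table with `name` and `certified` columns; the thread does not say which database or schema the real application uses.

```python
import sqlite3


def make_db():
    # Hypothetical schema; the real application's tables are not shown in the thread.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (name TEXT, certified TEXT)")
    return db


def add_product_concat(db, name, certified):
    """'Before' form: user input is pasted into the SQL text."""
    sql = f"INSERT INTO products (name, certified) VALUES ('{name}', '{certified}')"
    try:
        db.execute(sql)
        return "ok"
    except sqlite3.Error as exc:
        # Returning the driver error to the client is what exposes the flaw.
        return f"error: {exc}"


def add_product_param(db, name, certified):
    """Hardened form: values are bound and never parsed as SQL."""
    try:
        db.execute(
            "INSERT INTO products (name, certified) VALUES (?, ?)",
            (name, certified),
        )
        return "ok"
    except sqlite3.Error:
        # Generic message for the client; details belong in server-side logs.
        return "error: could not save product"


def stored_values(db):
    """Return the certified column in insertion order, for a round-trip check."""
    rows = db.execute("SELECT certified FROM products ORDER BY rowid")
    return [row[0] for row in rows]


if __name__ == "__main__":
    # Constructed inputs: one with a stray quote, one that closes the statement early.
    for value in ["it's", "x') --"]:
        weak, safe = make_db(), make_db()
        print(repr(value), add_product_concat(weak, "widget", value), stored_values(weak))
        print(repr(value), add_product_param(safe, "widget", value), stored_values(safe))
```

A round-trip test like this (submit a value with quotes, read it back, compare) is a quick regression check that every write path binds its parameters.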
#8
yeah got some flag on the DB but stuck after that
Reply
#9
(October 27, 2020 at 04:25 AM)drmonkey1 Wrote: yeah got some flag on the DB but stuck after that

Congrats, I'm stuck on that phase lol
Reply
#10
(October 27, 2020 at 04:25 AM)drmonkey1 Wrote: yeah got some flag on the DB but stuck after that

I'm stuck trying to inject with sqlmap, but getting nowhere until now...
How did you do the injection?
Reply
#11
(October 28, 2020 at 09:50 AM)raidmail2020 Wrote:
(October 27, 2020 at 04:25 AM)drmonkey1 Wrote: yeah got some flag on the DB but stuck after that

I'm stuck trying to inject with sqlmap, but getting nowhere until now...
How did you do the injection?

Yeah, it's a matter of resetting the Fortress after a while...
It takes ages to complete...
Reply
#12
any write up for this "box"?
greetings!
Reply