FLAG Context Fortress
by y0ukn0wm3 - October 24, 2020 at 03:32 PM
#25
Who can give directions to the sixth flag?
#26
(January 01, 2021 at 04:26 PM)Adisfer Wrote: Who can give directions to the sixth flag?

or you can get like this

6th flag of context [Hidden Content]
#27
(January 01, 2021 at 04:40 PM)felisleo Wrote:
(January 01, 2021 at 04:26 PM)Adisfer Wrote: Who can give directions to the sixth flag?

or you can get like this

[Hidden Content]

Thank you, but I'm more interested in understanding how to come to this flag.
#28
Yes, PLS small manual about flags 6 and 7?
#29
Any help on 6th (I already have shell as jay.teignton)?
#30
sudo sqlmap -r request.txt --random-agent --force-ssl --technique=T --dbms=mssql --dbs

[11:40:14] [WARNING] heuristic (basic) test shows that POST parameter 'certified' might not be injectable
[11:40:15] [INFO] testing for SQL injection on POST parameter 'certified'
[11:40:15] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[11:40:22] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[11:40:28] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
[11:40:35] [INFO] testing 'Oracle AND time-based blind'
[11:40:42] [WARNING] POST parameter 'certified' does not seem to be injectable


any solution
or plz someone share with us the second flag and the credential to pass to the next step (flag 3)
Thanks
#31
any help with 5th flag? I'm trying to connect to linked server but can't find creds
#32
(December 15, 2020 at 11:15 PM)qwerr Wrote: Trading all Flags for ImageTok / nginxatsu

I have ImageTok wanna trade? and nginxatsu script too.

PM Please
#33
(October 26, 2020 at 05:26 PM)BL4CK-3Y3 Wrote:
(October 26, 2020 at 04:28 PM)Jac0810 Wrote: hints for the sql injection?? ?


When we have the credits and access https://10.13.37.12/Admin/Management we can see that we can add products, if we add quotes in certified we see that it throws us an error, which made me think that it is a syntax error, so we add 1 ") - - and it marks us that we successfully add the product, you can intercept the request with BurpSuite and use sqlmap -r request-addproduct and get sql based on time, stack queries, etc

sqlmap saying connection timed out to the target URL.
#34
(January 17, 2021 at 05:27 AM)modamanitha Wrote:
(October 26, 2020 at 05:26 PM)BL4CK-3Y3 Wrote:
(October 26, 2020 at 04:28 PM)Jac0810 Wrote: hints for the sql injection?? ?


When we have the credits and access https://10.13.37.12/Admin/Management we can see that we can add products, if we add quotes in certified we see that it throws us an error, which made me think that it is a syntax error, so we add 1 ") - - and it marks us that we successfully add the product, you can intercept the request with BurpSuite and use sqlmap -r request-addproduct and get sql based on time, stack queries, etc

sqlmap saying connection timed out to the target URL.

use --force-ssl
#35
Is there someone who can tell me where I can see the 2nd flag from the sqldump? I managed to get the credentials, but I can't see a flag.
#36
(January 19, 2021 at 10:30 AM)dragobooste Wrote: Is there someone who can tell me where I can see the 2nd flag from the sqldump? I managed to get the credentials, but I can't see a flag.

try again, didn't get flag 3 times, one last time got flag
use new capture
