[Adisfer]

Who can give directions to the sixth flag?

[felisleo]

Who can give directions to the sixth flag?

or you can get like this

6th flag of context Hidden Content

You must register or login to view this content.

[Adisfer]

Who can give directions to the sixth flag?

or you can get like this

[Hidden Content]

Thank you, but I'm more interested in understanding how to come to this flag.

[orangutang]

Yes, PLS small manual about flags 6 and 7?

[PedroParamo987]

Any help on 6th (I already have shell as jay.teignton)?

[dafdo]

sudo sqlmap -r request.txt --random-agent --force-ssl --technique=T --dbms=mssql --dbs

[11:40:14] [WARNING] heuristic (basic) test shows that POST parameter 'certified' might not be injectable
[11:40:15] [INFO] testing for SQL injection on POST parameter 'certified'
[11:40:15] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[11:40:22] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[11:40:28] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
[11:40:35] [INFO] testing 'Oracle AND time-based blind'
[11:40:42] [WARNING] POST parameter 'certified' does not seem to be injectable


any solution
or plz someone share with us the second flag and the credential to pass to the next step (flag 3)
Thanks

[luis0x10]

any help with 5th flag? I'm trying to connect to linked server but can't find creds

[hicruelworld]

Trading all Flags for ImageTok / nginxatsu

I have ImageTok wanna trade? and nginxatsu script too.

PM Please

[modamanitha]

hints for the sql injection?? ?

When we have the credits and access https://10.13.37.12/Admin/Management we can see that we can add products, if we add quotes in certified we see that it throws us an error, which made me think that it is a syntax error, so we add 1 ") - - and it marks us that we successfully add the product, you can intercept the request with BurpSuite and use sqlmap -r request-addproduct and get sql based on time, stack queries, etc

sqlmap saying connection timed out to the target URL.

[modamanitha]

hints for the sql injection?? ?

When we have the credits and access https://10.13.37.12/Admin/Management we can see that we can add products, if we add quotes in certified we see that it throws us an error, which made me think that it is a syntax error, so we add 1 ") - - and it marks us that we successfully add the product, you can intercept the request with BurpSuite and use sqlmap -r request-addproduct and get sql based on time, stack queries, etc

sqlmap saying connection timed out to the target URL.

use --force-ssl

[dragobooste]

Is there someone , who can tell me where i can see the 2nd Flag from the sqldump , i managed to get the credentials , but i cant see a flag

[modamanitha]

Is there someone , who can tell me where i can see the 2nd Flag from the sqldump , i managed to get the credentials , but i cant see a flag

try again didn't get flag 3 times one last time got flag
use new capture