TUTORIAL Phonebook Discussion
by internet dreams - October 30, 2020 at 10:54 PM
#1
yo guys did you find somthn?
#2
(October 30, 2020 at 10:54 PM)Saexlean Wrote: yo guys did you find somthn?

Sir, what the fuck. This is not a tutorial.
#3
What the fuck is this thread about and why does it have the tutorial prefix?
#4
I have the flag here:
Hidden Content
You must register or login to view this content.


and the writeup here:
Hidden Content
You must register or login to view this content.
#5
That's how you write a tutorial. Kudos @Saexlean
#6
this is as simple ldap injection
#7
(November 07, 2020 at 09:53 PM)Ro0ted Wrote: this is as simple ldap injection

yes, clear how to bypass the login...but when we have full access to phonebook...where we can find the flag ?
#8
(November 08, 2020 at 01:35 AM)davider74 Wrote:
(November 07, 2020 at 09:53 PM)Ro0ted Wrote: this is as simple ldap injection

yes, clear how to bypass the login...but when we have full access to phonebook...where we can find the flag ?

The flag is reese’s password that you have to find with the ldap injection
#9
how do you modify the request to get the password?

{
"term":"reese"
}
#10
login request
simple ldap injection
#11
LDAP injection username=reese*&password=*
#12
(November 11, 2020 at 08:01 PM)Masterofntn Wrote: LDAP injection username=reese*&password=*

Thx but I get just a response with a Cookie. Nt the password?

Possibly Related Threads…
Thread Author Replies Views Last Post
TUTORIAL ATTENDED [DISCUSSION] 0xvijay 40 5,104 6 hours ago
Last Post: Buttmuncher
FLAG HTB Web Challenge Phonebook Flag felisleo 1 288 January 10, 2021 at 10:31 PM
Last Post: thecrackingdude
FLAG [HTB Chall] Phonebook visual_hd 0 197 December 17, 2020 at 05:02 AM
Last Post: visual_hd

 Users browsing this thread: 1 Guest(s)