User

@anonymous


Hidden Admin

Re: Hidden Admin  

  Por: shellterlabs em 3 de Outubro de 2017 às 11:11

The challenge should be working properly. With you still facing any kind of problem, send us an e-mail at: contact@shellterlabs.com

Re: Hidden Admin  

  Por: bin em 4 de Outubro de 2017 às 19:09

The challenge is not working.

Re: Hidden Admin  

  Por: Sql3t0 em 5 de Outubro de 2017 às 20:42

Whats Up Bin ...\m/ !! - works fine for me.Try clear your cache or open your browser in anonimous mode.

Re: Hidden Admin  

  Por: mprotasio em 28 de Outubro de 2017 às 10:08

Can you please check if it's working? The success.txt file did not show the content.

Re: Hidden Admin  

  Por: VitorSubhi em 16 de Novembro de 2017 às 19:14

I'm getting problem to "Access the Challenge". It loads a page on Port: 32805. But it don't open... Can you check if it is working properly please?

Re: Hidden Admin  

  Por: vGribel em 27 de Novembro de 2017 às 19:06

Burp is working and I found and changed the cookie there, but when I click "Go" on Repeater Tab, the cookie returns to false.

What I'm doing wrong?

PS.: trying this on the initial page, didn't found admin page yet.

Edit: SOLVED!


 Última edição por: vGribel em 28 de Novembro de 2017 às 03:37, 1 tempo total de edição.

plz, Help-me  

  Por: przero em 30 de Novembro de 2017 às 21:35

I am really very noob on this subject, and I need a powerful help if you can tell me where to study and improve knowledge so I can solve it without problems, I would be grateful

Re: Hidden Admin  

  Por: Citizen21 em 1 de Dezembro de 2017 às 13:02

Hi everyone! I am not sure if the challenge is not working or I am missing something but when I used Burp to intercept the http frame, the cookies header didn't have any is_admin or admin parameters. There were 2 parameters only, one was the _GA and the other _GID and I don't think they should be used to solve this challenge. I didn't find any encrypted message in the http header. I hope someone of you can help me. Cheers.

Re: Hidden Admin  

  Por: Virgínia em 5 de Dezembro de 2017 às 01:23

The challenge is working. You should read the Web Application Basics page again. Everything you need is there.

Re: Hidden Admin  

  Por: brainiak em 13 de Dezembro de 2017 às 01:50

Não estou conseguindo achar a resposta, alguém pode dar uma dica?

Re: Hidden Admin  

  Por: Narck em 15 de Dezembro de 2017 às 21:35

All you need to be in lesson two. Read the sixth paragraph again to the end, and I believe you will find the answer.

Hints:

"Another thing you should always check is the robots.txt file." "Cookies are also worth looking at..."

good lock

Re: Hidden Admin  

  Por: Estudanteseg em 16 de Dezembro de 2017 às 21:26

Look likes simple in the beggining but you need to be curious and search a little more about the use of robots and burpsuite...

Student Security Beginner Estudante de Segurança Iniciante

Re: Hidden Admin  

  Por: Panzki em 23 de Janeiro de 2018 às 22:33

Hey, everyone I just want to try out the first web challange. I found the hidden secret in the tutorial. When I start the challange enviorment and try to access the webserver the request always times out. Is the challage still working properly?

Greetings

Re: Hidden Admin  

  Por: Casper404nf em 1 de Fevereiro de 2018 às 03:29

Yes it is. I just completed it.

Re: Hidden Admin  

  Por: FedeCuci em 27 de Fevereiro de 2018 às 11:09

Hey guys, I go to the page http://lab.shellterlabs.com:33476/admin-login/ but I see no login... I just see the same page. I am kind of confused because I am trying to use Burp to get the cookie, but I first need a place to login in order to succesfully get the cookie with Burp. Source: https://support.portswigger.net/customer/portal/articles/1964073-using-burp-to-hack-cookies-and-manipulate-sessions Am I doing something wrong?