Dashboard Articles Playground Discussions More
Follow

Stuck..

DuesEx333
6 years ago

0

I am a little stuck on this one, I am trying to not use the firefox tamper tools and would like to do it from the developer tools in chrome. I want to understand this so I may have to private message someone before I go into too much detail. I found the .swf file and I see the traffic when I refresh the page. I dont understand how to change any of this, I wrote some html but not sure how to apply it.

15replies
6voices
283views
dimooz
6 years ago

0

Ok, feel free to PM me when you’re stuck exactly. Maybe I could give you additional hint?

 

Image

salexander
6 years ago

0

same here. i’m having a problem editing the url in the flash file, if that’s the direction i’m supposed to be going in.

dimooz
6 years ago

0

It’s doable, even if there are other ways.

 

Image

salexander
6 years ago

0

finally able to manipulate the flash file… still stuck as to how to upload it and make it work…

Mugi [Mugiwara27]
6 years ago

1

If you’re trying to re-upload it then you’re in the wrong way, do it another way :)

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘\’‘ at line 1

salexander
6 years ago

0

still nothing….. i’ve tried to manipulate the initial words that would reflect what the swf file is displaying… nothing

able to save the file off server and manipulate it, but not able to have it reflected on the site…. there’s something that’s missing and i cannot put my finger on it that will connect the dots

dimooz
6 years ago

0

Read the level hint again, and think twice.

How would have you done it if there wasn’t a .swf file but just a simple form to send data to server?

 

Image

salexander
6 years ago

0

Can someone jump in my messages? still stuck but think i’m finding my way and don’t want to give out any spoilers

dimooz
6 years ago

0

Sure, send me a PM if needed.

 

Image

sterlingRory
6 years ago

0

Is this what were supposed to do? I know most of the levels don’t require any installation, but I can’t seem to figure out how else to intercept the .swf file that flash is sending to the server… https://initblog.com/2017/pentesting-flash/

sterlingRory
6 years ago

0

I’m currently trying to use Cheat Engine, and I’m not getting anywhere… yet…

dloser
6 years ago

0

There is no .swf sent to the server and Cheat Engine is a bit overkill here. Everything you need to do can be done with your browser, I think.

dimooz
6 years ago

0

You really don’t need anything else than a browser. You can try to run the flash file locally in order to see how it works, if you need, or you can try guessing how the .swf file send info to the server in order to complete the challenge.

 

Image

sterlingRory
6 years ago

0

Everyone’s saying different things….

Mugi [Mugiwara27]
6 years ago

0

Np, we’re saying the same thing but in our own manner, that’s why it looks different :p

Keep reading threads and trying things by your own. But if you’re really that lost, feel free to PM explaining what you’ve tried so far

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘\’‘ at line 1

You must be logged in to reply to this discussion. Login
1 of 16

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss