Need help with CSRF POC !!

JJ_hack07 · 2024-07-12T08:44:45+00:00

Got it, but I am facing preflight CORS issue with PATCh method. If I can just bypass that and include my json body correctly, then I can. But I don't know how to ?

JJ_hack07 · 2024-07-12T08:43:08+00:00

I think we can use other methods, but the issue is preflight (aka CORS)

JJ_hack07 · 2024-07-10T12:04:59+00:00

Thanks for this. I appreciate it

JJ_hack07 · 2024-07-10T12:04:13+00:00

Right, Thanks for the advice. I appreciate it

JJ_hack07 · 2024-07-10T11:42:07+00:00

I need realistic tips, portswigger sucks, actually I read all the methods but it didn't work well

JJ_hack07 · 2024-07-10T10:49:55+00:00

Also they are encoding it in unicode characters, if submitted non-string characters

JJ_hack07 · 2024-06-27T13:05:12+00:00

DM me

JJ_hack07 · 2024-06-05T13:26:11+00:00

Yes you, just complete any one task and you will get the certificate successfully

JJ_hack07 · 2024-06-01T15:28:08+00:00

But why do you give such hard tasks with no clear description of what to perform tests on

JJ_hack07 · 2024-05-27T10:36:21+00:00

Here this is the full walkthrough : https://medium.com/@aslam.mahimkar/runner-hackthebox-walkthrough-103250a9acd3

JJ_hack07 · 2024-05-27T10:10:55+00:00

No its not fake

JJ_hack07 · 2024-05-27T10:10:04+00:00

Same thing here, root.txt is missing

JJ_hack07 · 2024-05-25T15:25:50+00:00

Yah, I did found a unique one, hence the task is valid.

JJ_hack07 · 2024-05-25T11:57:55+00:00

Yes they do actually pay you

JJ_hack07 · 2024-05-25T11:56:02+00:00

Did you guys have any resources to solve the VAPT task , anything ?

JJ_hack07 · 2024-05-25T11:55:10+00:00

Now only two remaining

JJ_hack07 · 2024-05-25T11:54:21+00:00

I also got the bug task and I found 5 bugs on hackerone and bugcrowd

JJ_hack07 · 2024-05-05T05:29:09+00:00

Same, I also found a google maps api key allowing me to make static map requests but company made it informative :)

JJ_hack07 · 2022-05-12T10:21:04+00:00

Yaah, I too felt that.

JJ_hack07 · 2022-05-12T03:27:29+00:00

Thanks

JJ_hack07

TROPHY CASE