Forum Discussion

Bronze I

9 months ago

Solved

World Cup Special - Immersive Squad

need help with this lab ,
i have bypassed the cookie to login as croatia manger , even double encoded ../ to get path traversal payload.
still i am getting empty roster as output, (see image attached).
so please help here ?

offensive cyber

Anonymous
6 months ago
Hi sargentv You're on the right lines, but try looking in other directories than just the parent directory (aka ..). You may also find absolute paths useful

3 Replies

netcat
Silver III
9 months ago
Depending on the cookie and query string, there are different outcomes (You are...). Do a few different combinations, write the results down, and think about it.
If you still can't find the solution, write them here for discussion.
IotS2024
Bronze III
8 months ago
this is a little bit odd. try not a relative, maybe try an absolute path :)
Anonymous
6 months ago
Hi sargentv You're on the right lines, but try looking in other directories than just the parent directory (aka ..). You may also find absolute paths useful

Forum Discussion

World Cup Special - Immersive Squad

3 Replies

Featured Places

Help & Support Forum

Related Content

World Cup Special: Immersive Squad

Labs Live Special: The Human Connection Season Finale

Operational CTI: How Immersive Builds Labs for Real-World Threat Preparedness

Immersive GUI

Pen Test CTFs: Immersive Code Q4

Recent Discussions

Trick or Treat on Specter Street: Phantom Pages

FIN7 Threat Hunting with Splunk: Ep.2 – Initial Access

Trick or Treat on Specter Street: Widow's Web

Trick or Treat on Specter Street: Manor of Madness

Trick or Treat: Manor of Madness