Smasher2


Comments

  • @n0x90 said:

    dzonerzy dropped a hint - I'm sure he won't mind me sharing: user: admin, password beginning with C. common.

    thanks dzonerzy :heart:

    sorry make that an 'a', no it's DEFINITELY A 'C' rockyou baby

    Is this true, been rocking it for a long time now.......

  • edited June 2019

    What a beauty root, love it ... truly...
    Anyone here to discuss the ways for the user :D ? I'm curious about the methods to get it s:
    btw, why this smasher2 box gives no badge ? :open_mouth:
    cheers!

  • @keithschm said:

    @n0x90 said:

    dzonerzy dropped a hint - I'm sure he won't mind me sharing: user: admin, password beginning with C. common.

    thanks dzonerzy :heart:

    sorry make that an 'a', no it's DEFINITELY A 'C' rockyou baby

    Is this true, been rocking it for a long time now.......

    It is true but grep for "c" (lowercase c)

  • Can anyone PM some hints on disassembling the **.o file? I am using Ghidra but I am new to it and can't seem to find what I am looking for

  • Root was freaking awesome! Never had to do that before and it was so much fun creating a working exploit! :D

    Xentropy
    Null | Nada- | Zip | Diddly | Zilch+

  • Loved it <3.

    MrR3boot
    Learn | Hack | Have Fun

  • what tool did everyone use for the initial brute, seems to be taking forever using metasploit module even using the hint in this forum about grepping "c"
  • @badman89 said:

    what tool did everyone use for the initial brute, seems to be taking forever using metasploit module even using the hint in this forum about grepping "c"

    hydra


  • Would anyone be willing to PM me a nudge for the .y and .o file part? I'm slowly understanding them but it's taking me quite a bit to push onward... Any/all help is welcome and greatly appreciated :)


    defarbs.com | Retired Machine Writeups! - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'”

  • Does anybody have some time and will to give me a nudge to proceed further ?
    I worked on .y and not sure if Fla... solution is right path.
    Thank you in advance for anything.

  • @farbs said:

    Would anyone be willing to PM me a nudge for the .y and .o file part? I'm slowly understanding them but it's taking me quite a bit to push onward... Any/all help is welcome and greatly appreciated :)

    stuck at same stage

  • Wow!! that message "you must think outside the box" is an understatement.

    Hints for user: https://stackoverflow.com/questions/4162642/single-vs-double-quotes-in-json

    Hints for root: Pray.

  • This one is great fun but I'm stuck :D A nudge in how to get the manager key would be appreciated. Thought I could download the source / 'that log' with the data to generate the key in with another call, but so far no joy. Can see the end result, easy to get the local version to work, but need the final piece of the puzzle.

    Guess I could brute a bunch of keys with the function from the source and chuck them at the thing?

    trying hurder anyway...

  • edited June 2019

    @ashr said:

    This one is great fun but I'm stuck :D A nudge in how to get the manager key would be appreciated. Thought I could download the source / 'that log' with the data to generate the key in with another call, but so far no joy. Can see the end result, easy to get the local version to work, but need the final piece of the puzzle.

    Guess I could brute a bunch of keys with the function from the source and chuck them at the thing?

    trying hurder anyway...

    Hah! NVM! Forgot about the name of the box.

    RE: Well i can segfault it but that's where my skills die...can't do the python-dbg gdb thing. If there's another way hook me up. Got about 14 million keys generated, but surely that's not the way to do this :disappointed:

  • edited June 2019

    @johnnyz187 said:

    Wow!! that message "you must think outside the box" is an understatement.

    Hints for user: https://stackoverflow.com/questions/4162642/single-vs-double-quotes-in-json

    Hints for root: Pray.

    This is a good hint for user, but not for root))
    Could somebody give a hint for root?

  • Managed to get a****y but got 403 when use it…

  • Disappointed with the root, looks like the author copied the second stage from somewhere without modifying it at all.

  • Stuck here trying to brute force web links. Is there any special kind of tool or reading required to get moving on this box? I only have the /b***** directory.

  • Finally rooted. Very fun box!

  • Nice box. Ready for smasher3 :)

  • I can't find any way to root. I have tried pretty much any standard procedure. Could anyone enlighten me? Thanks!

  • NVM, rooted! Awesome box.

  • EXTREMELY disappointed. I rooted it a couple of hours ago since the whole script is online... I then moved on to trying to root it with some unintended method, so I actually felt like I deserved to root the box... the whole thing was enumeration and copy/pasting lmfao...

    OSCP | TMHC CTF


  • where is my badge? :(

  • @tabacci said:

    Two hackers compromised this box, and one marked it as very hard while other marked as very easy. I wonder why some people mark very hard boxes as very easy? What does that mean?

    Obviously it could not be really very easy. How is it possible to spend several hours for researches and say that it was very easy?)

    Well to say this it took about 1 hour 19 minutes to get the password cracked, then it took me about 10 seconds to spot the hole in the Python code for A**h.*y. I am not trying to sound like an ass but the hardest part about that was the blacklist bypass and again that took a team member literally 5 minutes, so the reason 1 rated it as easy is simply it is

    the root, jesus, I'm bashing my head off a wall that I won't profess to know shit about yet

    but we obv didn't do it at once, we went to bed so we didn't go for blood and it's 60 days plus. I'm just stating besides the htauth mess this is by no means a 7 hour to user box, like I said we did it in roughly 2

  • Can someone help with the API key? I think I managed to write the correct "job" so that it can bypass WAF.. and now I'm stuck at the API key :(

  • This might be weird, but is the landing page supposed to be the default Apache page? I already discovered b***** and emulated my copy of a*. using a docker image. My setup provides me with a session token, which I have yet to experience the web-server give me one.

  • Could somebody give a hint for root?
