Patents

edited January 18 in Machines

Shall we start? Almost an hour for the release of this "insane" machine!

«134

Comments

  • Is this gonna be RE part 2?

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • I get a Ghoulish feeling from this one

    ”No questions a stupid question”
    <img src="https://www.hackthebox.eu/badge/team/image/1805" alt="Hack The Box">
  • Does this "error" suppose to take u somewhere or just bad file format?

    Hack The Box

  • dirb is outputting a lot of things! could be rabbit hole or not!

  • Type your comment> @vu1ns0c said:

    Does this "error" suppose to take u somewhere or just bad file format?

    Also getting a JVM error, could be a rabbit hole....

  • docx2pdf? I think some Win thingy is taking place. Solar

  • This box is a very chonky boy.

    So-very-slow

  • The first vuln seems almost too obvious, but I can't come up with a working proof in spite of all I've read about related exploits. Feels like I've read too much in one sitting and lost focus.

    Does anyone have a lead on some good study material?

  • @t4nt said:

    The first vuln seems almost too obvious, but I can't come up with a working proof in spite of all I've read about related exploits. Feels like I've read too much in one sitting and lost focus.

    Does anyone have a lead on some good study material?

    I am in an identical position I think. I've tried a few things which I thought would work but so far, nothing.

    It's a bit frustrating because I can't tell if it is my own incompetence or if the approach is wrong :smile:

    Still, onwards and upwards, once more unto the breach (etc).

  • 3 hours and no blood. Somethings going on here

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • Tough box.

  • edited January 19

    I am assuming there should be a vulnerability with the upload feature. Am I right? or nobody knows yet?

  • edited January 19

    @TheNerd said:

    I am assuming there should be a vulnerability with the upload feature. Am I right? or nobody knows yet?

    I suspect, "no one knows yet" is the correct answer.

  • This box seems crazy hard so far. Nearly 6 hours and one blood. Barely found anything myself

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • I am suspecting the way to this box is through the upload function and I think it's vulnerable to XXE.

    Some errors I got mentioned there is an issue with libreoffice, but I am not sure if this is the way to the box.

  • edited January 19

    Type your comment> @D8ll0 said:

    I am suspecting the way to this box is through the upload function and I think it's vulnerable to XXE.

    Some errors I got mentioned there is an issue with libreoffice, but I am not sure if this is the way to the box.

    These are my thoughts too. Perhaps mimicking the service locally will be beneficial..?

    Hack The Box

  • looks like ssrf in upload

  • I found a technique on mitre website that has to do with Microsoft’s Open Office XML.

  • edited January 20

    maybe

  • Found a way to force patent to download something from my webserver. Now it's about exploiting it :)

  • There is a php version of the visible html page. I think it is the way in considering the comments in it.
  • 6 users till now ? lol im gonna skip dis

    Arrexel

  • Over 24 hours and no root... I think "Hard" was an understatement for this box.

    I cant even get the first foothold!

  • We are on the same point I am looking for a small point of support too. this car is more than insane

    nemen91

  • Finally get a ping back, and I'm told it won't help ;_;

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • I think it's time to give some hints about the initial foothold.
    As I could understand by talking to some of you on social channels, the "obvious" vulnerability everybody is talking about is correct, however you are all missing some important information to correctly exploit it.
    Try to use a different wordlist to find something useful in the web app. Maybe some developer left traces of a changelog!
  • Type your comment> @gbyolo said:

    I think it's time to give some hints about the initial foothold.
    As I could understand by talking to some of you on social channels, the "obvious" vulnerability everybody is talking about is correct, however you are all missing some important information to correctly exploit it.
    Try to use a different wordlist to find something useful in the web app. Maybe some developer left traces of a changelog!

    Miiiii! I can't believe it!! My favorite hint! :) (tribute to the webapp user)

  • edited January 19

    So far, even harder than PlayerTwo or Rope. This machine is destroying me. Kudos @gbyolo for creating a nasty box. You've got me beat. Not sure about the "Hard" categorization though – this one is a doozy!

    Don't have user yet, but I think I know what I need to look at. Your hint helped me realize I wasn't too far off track.

    Edit: Gotta love when there's one root blood and then magically 4 people root it straight after.

    Coincidence-I-think-Not


    Hack The Box
    defarbs.com | Retired Machine Writeups! - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'”

  • Type your comment> @farbs said:

    Don't have user yet, but I think I know what I need to look at.

    I know that feeling... not quite enough though in my case haha!
    Insane box @gbyolo - nice find

    Hack The Box

  • Five people have rooted it now... That's quite impressive given that for the first day only six had even got user.

Sign In to comment.