Official Knife Discussion

Official discussion thread for Knife. Please do not post any spoilers or big hints.

«13456

Comments

  • My first release! I'm trash but I can't wait to give it a shot

  • is this machine working for you guys? I get an error message saying the machine isn't released yet but it was supposed to be 7 mins ago.

  • Type your comment> @Notorious1 said:

    is this machine working for you guys? I get an error message saying the machine isn't released yet but it was supposed to be 7 mins ago.

    actually ignore me Google converted UTC to GMT to be the same time

  • First time trying a Release Arena...gl all

  • Wow found nothing with 40 mins of enum any nudges you guys?

  • Spoiler Removed

  • Type your comment> @Lalith71 said:

    Wow found nothing with 40 mins of enum any nudges you guys?

    same here any nudges? Thanks

  • The machine is rated 2.5 by now, and the first 25 players succeeded somehow. After searching for more than an hour without any progress this just frustrates me.

  • Same boat here. These guessing games make the box harder

    ruskii

  • @ruskii said:
    Same boat here. These guessing games make the box harder

    It's probably the stupidest shit that I ignored somehow

  • Type your comment> @Markerpullus said:

    @ruskii said:
    Same boat here. These guessing games make the box harder

    It's probably the stupidest shit that I ignored somehow

    Did you find something?

    ruskii

  • Type your comment> @ruskii said:

    Type your comment> @Markerpullus said:

    @ruskii said:
    Same boat here. These guessing games make the box harder

    It's probably the stupidest shit that I ignored somehow

    Did you find something?

    Nope i am struggling

  • Spoiler Removed

  • Spoiler Removed

  • Spoiler Removed

  • once you identify the version of a specific service, make sure to research a bit because it could take some time to find anything.

    v1ew-s0urce.flv
  • rooted. And rated it 1 Star. Really didn't like it and didn't learn anything on it.

  • Foothold: the box is highly rated as CVE. Just because there isn't a wordpress or something else running doesn't mean something below can't be vulnerable
    User: it's granted
    Root: the vector should be found via about the first command you should run as user. If you're familiar with it, good for you. If not try it and look for something that sounds very promising at first glance already.

    rowra

  • This is a box that makes you want to improve your googling skills. I had the right idea for user but struggled for quite some time until I found what I was looking for.

    Root was very obvious but I still missed the simple command that could be used in the large amount of help text.

    f1rstr3am

  • Damn, finally rooted after 2 hours of googling. User flag got me stuck for a long time and google just won't show me the stuff I wanted to see lol

  • Why doesn't Nikto flag this right away ?!?

    lebutter
    eCPPT | OSCP

  • Rooted!

    [email protected]:/opt# id && hostname && ifconfig
    uid=0(root) gid=0(root) groups=0(root)
    knife
    ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 10.10.10.242  netmask 255.255.255.0  broadcast 10.10.10.255
            inet6 dead:beef::250:56ff:feb9:befe  prefixlen 64  scopeid 0x0<global>
            inet6 fe80::250:56ff:feb9:befe  prefixlen 64  scopeid 0x20<link>
            ether 00:50:56:b9:be:fe  txqueuelen 1000  (Ethernet)
            RX packets 2722013  bytes 412311064 (412.3 MB)
            RX errors 0  dropped 66  overruns 0  frame 0
            TX packets 2509092  bytes 1106488505 (1.1 GB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    

    What fooled me was the 'CVE' rate matrix. This is not a traditionally CVE as we all know, however it is easy to find, just a bit of Googling ;)

  • Stuck working on this for a few hours with no foothold. I see the p*p version but not sure if I'm going down a rabbithole. Any nudges :pensive: ?

  • Type your comment> @elveskevtar said:

    Stuck working on this for a few hours with no foothold. I see the p*p version but not sure if I'm going down a rabbithole. Any nudges :pensive: ?

    google google google thats the secret and sometimes even some chinese could help :wink:

  • Stuck on foothold, any nudges. Trying to Google the software without any luck...

  • edited May 22

    Got user foothold. Indeed, enumerate specific version of specific service, then google. Also, as mentioned by @adminseeker , some chinese dudes might help :) Now going to root the s.it out of it...

  • Foothold was definitely frustrating, but root is pretty quick and straightforward. Foothold is pretty hard to nudge on without giving it away. The folks in here have already given some good hints.

  • i both love and hate this lol. easy for a relaxing saturday afternoon just user your google-fu :P

    jessica0f0116

  • rooted. feel free to message me for hints

  • The challenge of getting user felt contrived (the hints were very helpful, thanks). But getting root actually forced me (a noob) to learn a couple things, which was nice.

Sign In to comment.