Smasher

I got initial larger foothold smasher and then lost the way to get in. Was wondering, is it someone on the box that deleted my "larger foothold" or was it some reset and the foothold I received was an artifact from a previous hack? Do I need to create the 🗝 or is the 🗝 supposed to be there?


Comments

  • Server has an active S## so it was there in the first place.

    Hack The Box

  • I reset and it was still gone, so am I to assume whoever is messing with me did it right after reboot. Little shnitzel.

  • Ok did another reset, I have a strong feeling it wasn't there to begin with :s

  • @pykler said:
    I got initial larger foothold smasher and then lost the way to get in. Was wondering, is it someone on the box that deleted my "larger foothold" or was it some reset and the foothold I received was an artifact from a previous hack? Do I need to create the 🗝 or is the 🗝 supposed to be there?

    Are you able to run commands on server? I'm only able to read...

  • @madcap said:

    @pykler said:
    I got initial larger foothold smasher and then lost the way to get in. Was wondering, is it someone on the box that deleted my "larger foothold" or was it some reset and the foothold I received was an artifact from a previous hack? Do I need to create the 🗝 or is the 🗝 supposed to be there?

    Are you able to run commands on server? I'm only able to read...

    Reading can sure teach you a lot ;)

    drtychai

  • @drtychai said:
    Reading can sure teach you a lot ;)

    I have what I need from the reading part and I've set up a test environment to try to take it further. The hostname hints at the correct path, as usual, but I can't accomplish what it's directing me to do. (I'm trying to keep it vague here).

    I found another very similar example on the internet and was able to accomplish what the hostname suggests in my test environment. However, that example wasn't exactly the same. The Smasher example is less complicated in some ways, but more advanced (read: modern) in another. The more advanced part is what I think is tripping me up. I could be wrong, but it's the only thing I can think of right now. I'll keep at it...

    Any slight nudges available at this early point of the machine's life?

  • @zavan said:

    @drtychai said:
    Reading can sure teach you a lot ;)

    I have what I need from the reading part and I've set up a test environment to try to take it further. The hostname hints at the correct path, as usual, but I can't accomplish what it's directing me to do. (I'm trying to keep it vague here).

    I found another very similar example on the internet and was able to accomplish what the hostname suggests in my test environment. However, that example wasn't exactly the same. The Smasher example is less complicated in some ways, but more advanced (read: modern) in another. The more advanced part is what I think is tripping me up. I could be wrong, but it's the only thing I can think of right now. I'll keep at it...

    Any slight nudges available at this early point of the machine's life?

    Pretty much stuck at the same point, I can see why this is a 50p machine.

  • I'm stuck at the cipher part

    peek

  • So I think I know what I'm looking for in the read part, but it's not there. As @pykler said to start with, the thing I need isn't showing up. Anyone have any advice on this?

  • @NinjaRockstar said:
    So I think I know what I'm looking for in the read part, but it's not there. As @pykler said to start with, the thing I need isn't showing up. Anyone have any advice on this?

    If I understand correctly the way going forward, then the stuff (core "meat") is there. But identification and exploitation ... I'm still struggling to find out where and how.

    m4rc1n

  • Stop, Drop and...

    Booj

  • This is a fun box. I don't have it yet but I'm learning a lot and I'm quite sure I'm on the right path now. My only advice is read, research, understand, tinker, and repeat.

  • Can I get a PM with a nudge on this one? I can read but all my go-to read locations are not found. A direction would be nice.

  • Reading is not enough here. You need to develop.

    m4rc1n

  • Yes, seems my initial comment is right, the file was not present to start. You need to gain foothold somehow ... I didn't do it yet, but developing right now

  • I have shell on my own box (set up as identical as I could arrange), but cannot get on smasher. I do not want to spoil but ... is it set up this way that we need to brute-force in order to get shell on smasher? Has somebody got shell without brute-forcing?

    m4rc1n

  • edited June 2018

    By reading the files I found what I believe is the right piece I need, now to develop the poc and start debugging..... curiouser and curiouser

  • @sbridgens said:
    By reading the files I found what I believe is the right piece I need, now to develop the poc and start debugging..... curiouser and curiouser

    This machine is harder than I thought. BF does not seem to be the right way (on my own environment is already running second hour with 7 requests per second (I get DOS when I try faster)). It was rather not meant to be BF for hours.
    There must be another way. I found some "attachments" which look quite promising.

    m4rc1n

  • @macw141 said:

    This machine is harder than I thought. BF does not seem to be the right way (on my own environment is already running second hour with 7 requests per second (I get DOS when I try faster)). It was rather not meant to be BF for hours.
    There must be another way. I found some "attachments" which look quite promising.

    I'm in the same place. I have noticed that the server takes a long time to reply (if at all) to simple requests - so maybe it's just that someone else is DOS-ing it.

    drtychai

  • @drtychai said:

    @macw141 said:

    This machine is harder than I thought. BF does not seem to be the right way (on my own environment is already running second hour with 7 requests per second (I get DOS when I try faster)). It was rather not meant to be BF for hours.
    There must be another way. I found some "attachments" which look quite promising.

    I'm in the same place. I have noticed that the server takes a long time to reply (if at all) to simple requests - so maybe it's just that someone else is DOS-ing it.

    You can forget BF. This box is just difficult. You need to overcome one difficult thing and then the way to well ... let's say the way to a quite modern technique of bypassing antiBO controls seems to be open (if I'm not mistaken).

    m4rc1n

  • This machine slowly becomes my ... obsession.
    I'm currently at the point where I have already necessary gs (I think) and I can execute them with enabled A, however I cannot finalize my exploit, because it crashes when I try to get what I need (in let's say a few "steps") to get shell.
    If there is someone at the same point or further, then I would appreciate discussion or hint about this.

    m4rc1n

  • edited June 2018

    @madcap said:

    @pykler said:
    I got initial larger foothold smasher and then lost the way to get in. Was wondering, is it someone on the box that deleted my "larger foothold" or was it some reset and the foothold I received was an artifact from a previous hack? Do I need to create the 🗝 or is the 🗝 supposed to be there?

    Are you able to run commands on server? I'm only able to read...

    Neither do I. Just read whole files... I don't find anything relevant in order to enter into

  • @n1b1ru said:

    @madcap said:

    @pykler said:
    I got initial larger foothold smasher and then lost the way to get in. Was wondering, is it someone on the box that deleted my "larger foothold" or was it some reset and the foothold I received was an artifact from a previous hack? Do I need to create the 🗝 or is the 🗝 supposed to be there?

    Are you able to run commands on server? I'm only able to read...

    Neither do I. Just read whole files... I don't find anything relevant in order to enter into

    Think about the name of the box and look at the files again.

    drtychai

  • edited June 2018

    @drtychai said:

    @n1b1ru said:

    @madcap said:

    @pykler said:
    I got initial larger foothold smasher and then lost the way to get in. Was wondering, is it someone on the box that deleted my "larger foothold" or was it some reset and the foothold I received was an artifact from a previous hack? Do I need to create the 🗝 or is the 🗝 supposed to be there?

    Are you able to run commands on server? I'm only able to read...

    Neither do I. Just read whole files... I don't find anything relevant in order to enter into

    Think about the name of the box and look at the files again.

    Anything like BOF?

  • edited June 2018

    @macw141 said:
    This machine slowly becomes my ... obsession.
    I'm currently at the point where I have already necessary gs (I think) and I can execute them with enabled A, however I cannot finalize my exploit, because it crashes when I try to get what I need (in let's say a few "steps") to get shell.
    If there is someone at the same point or further, then I would appreciate discussion or hint about this.

    removed

    m4rc1n

  • that box requires deep search

    peek

  • @macw141 said:

    @sbridgens said:
    By reading the files I found what I believe is the right piece I need, now to develop the poc and start debugging..... curiouser and curiouser

    This machine is harder than I thought. BF does not seem to be the right way (on my own environment is already running second hour with 7 requests per second (I get DOS when I try faster)). It was rather not meant to be BF for hours.
    There must be another way. I found some "attachments" which look quite promising.

    Have not tried BF as I started working on a different angle with a running service, but not sure if that's the right way to go yet. Have not had any time since posting previously, so obviously gone no further as yet.

  • edited June 2018

    @sbridgens said:

    @macw141 said:

    @sbridgens said:
    By reading the files I found what I believe is the right piece I need, now to develop the poc and start debugging..... curiouser and curiouser

    This machine is harder than I thought. BF does not seem to be the right way (on my own environment is already running second hour with 7 requests per second (I get DOS when I try faster)). It was rather not meant to be BF for hours.
    There must be another way. I found some "attachments" which look quite promising.

    Have not tried BF as I started working on a different angle with a running service, but not sure if that's the right way to go yet. Have not had any time since posting previously, so obviously gone no further as yet.

    As somebody mentioned earlier - quite a lot of research is needed to exploit this machine (not sure about root, cause I'm not there yet, but definitely for user). This is quite tricky exploitation. For someone who is not REALLY familiar (really advanced would be more appropriate here) with low level exploitation, requires a lot of work.

    m4rc1n

  • This machine requires some pretty advanced techniques, though not all advanced techniques, as enumeration reveals. I see the path to success but still need to work on mastering those techniques.

    This is a really good VM for mastering a lot of different tricks and tools. Even if I fail to get a shell (I don't plan on failing but...) I will have gained a ton of useful knowledge.

  • Stuck at the crypto part... does someone want to discuss that in priv?
    For people that are stuck at the web part, if you need a hint just write me in priv.
