Smasher

2

Comments

  • I went through crypto, I can execute one or two gXXXXXs (wth enabled AXXX) and ... thats all. Technically I have everything to get shell with gXXXXXs only. Everything, but ... a long enough buffer. I though several times that I have it, but still not yet.

    m4rc1n

  • solved the crypto!! this machine is so cool!!! if somebody want discuss about it write me in priv.

  • hi can i have a hint plz. im really stuck on bof.

  • @paw said:
    solved the crypto!! this machine is so cool!!! if somebody want discuss about it write me in priv.

    Did not complete yet (no time lately), but it looks like the only way is to be very "economical" with buffer space. Did you manage to execute code on the sXXXX or got shell using gXXXXXs only?

    m4rc1n

  • @macw141 said:

    @paw said:
    solved the crypto!! this machine is so cool!!! if somebody want discuss about it write me in priv.

    Did not complete yet (no time lately), but it looks like the only way is to be very "economical" with buffer space. Did you manage to execute code on the sXXXX or got shell using gXXXXXs only?

    hint for this one is... "I really don't care about Nx"

  • @paw said:

    @macw141 said:

    @paw said:
    solved the crypto!! this machine is so cool!!! if somebody want discuss about it write me in priv.

    Did not complete yet (no time lately), but it looks like the only way is to be very "economical" with buffer space. Did you manage to execute code on the sXXXX or got shell using gXXXXXs only?

    hint for this one is... "I really don't care about Nx"

    Not sure what you mean. In fact It looks like it indeed does not matter, but so far the only way I see is to develop as it was enabled (but is not).

    m4rc1n

  • @macw141 just write me in priv if u want help

  • I have an account password, the user flag and an encryption key. Hint welcome to become root...

    cgrenier

  • anyone wants to put me in right direction? i got login page not sure if i am on a right path.. doesnt seems to me and looks like rabbit hole

    masuse

  • Wow this one looks interesting. Have worked out what I have to do but its gonna involve some study :+1:

  • reading through previous posts is a little confusing. I think I have a small idea on how to get shell on box. but my method is not registering how I thought it would, anyone able to offer me help at all? PM pls.

    adyd

  • This box really does it's name worth, Smashes head against wall

  • Started long time ago, but somehow, even knowing what to do, cannot complete required dev work (mostly lack of time). Perhaps coming weekend.
    Machine is indeed very nice.

    m4rc1n

  • edited July 2018

    Because we can't read proc files, anyone know if AS_L is on or how to use R_P ga__ets on x64 machines in BOF string functions which forbidden null characters ? PM

  • edited July 2018
    > @AmiToLotto said:
    > Because we can't read proc files, anyone know if AS_L is on or how to use R_P ga__ets on x64 machines in BOF string functions which forbidden null characters ? PM

    If you don't know, always assume the worst ;)

    drtychai

  • can anyone pm me about the second step of this box. id like to know more about how u went about constructing the script used to attack it

  • @cgrenier said:
    I have an account password, the user flag and an encryption key. Hint welcome to become root...

    Well, I have shell, an encryption key but no account password and no user flag. Really frustrating -:(

    m4rc1n

  • Hi All. Just want to give some advice. This is not a box for the weak. It's a tough old bird with lots of challenges. The first part is hard but manageable (I needed a lot of help along the way) . then you have another hoop, then another. I would like to thank Di.... a lot as the guidance and hints got me past 1st stage and P.. for 2nd & 3rd stages. not a box for noobs. not a box for those who haven't got some experience, so if you haven't - do another box! so final piece of advice, once you know what exploit to use go and study!!! here to help anyone as that is my mantra but by no means an expert on this!!

    adyd

  • @macw141 said:

    @cgrenier said:
    I have an account password, the user flag and an encryption key. Hint welcome to become root...

    Well, I have shell, an encryption key but no account password and no user flag. Really frustrating -:(

    Same here - I am stuck at using the encryption key, hopefully this will lift my user context from www to user.... I am guessing that the key is the access to ssh for user :)

    Any nudges will be much appreciated, please send a PM - thanks.

    ninpox

  • @Booj said:
    Stop, Drop and...

    ...give me 50?

    izzie

  • Via both experimental and anecdotal evidence and supported strongly by OSINT to a high degree of confidence, I thought I knew exactly what needs to be done here but not so sure now... as there wasn't meant to be :cookie:

    nikto fingerprint points to A. but fuzzing says it is A*... (pun intended). :bleep_bloop:

    SoMeBOdy is lying - anybody care to hint in DM? I'd be most grateful.

    izzie

  • @izzie said:
    Via both experimental and anecdotal evidence and supported strongly by OSINT to a high degree of confidence, I thought I knew exactly what needs to be done here but not so sure now... as there wasn't meant to be :cookie:

    nikto fingerprint points to A. but fuzzing says it is A*... (pun intended). :bleep_bloop:

    SoMeBOdy is lying - anybody care to hint in DM? I'd be most grateful.

    LOL. I will never complete this machine. There is always something more urgent -:)
    I have shell so can give you some hints on PM, but you really need to love assembly to play with this.

    m4rc1n

  • SpZSpZ
    edited September 2018

    NVM, rooted it.

    If you believe your payload is correct, but you cannot root it. Go to another folder and try.

    In my case, my payload did not work in a folder, but I change to another folder, it works.

  • edited August 2018

    I recently revisited the box since I got the root flag using a certain technique but no real root shell (yet). Is there someone out there who has a root shell on it? Just as hint for me if it is possible or not^^

  • stuck at 'Insert ciphertext', if anyone kindly can shed some lights :)

  • @kecebong said:
    stuck at 'Insert ciphertext', if anyone kindly can shed some lights :)

    Also on same. Having a hard time understanding precisely what it's asking, and only otherwise notice repeating the same text back produces the OK message.

  • edited September 2018

    Amazing box so far. Just got a shell. Enumerating and trying to figure out where to go next now. Edit: Never mind. Pretty sure I see the path forward.

    Edit: Got user. On to root!

    opt1kz

  • edited September 2018

    Edit: Rooted.

    Is there any way to get a shell? I hate not getting shells. :(

    opt1kz

  • Best box so far. Nice rabbit hole xD

  • I have to admit I draw a complete blank on this box. It makes me want to cry and I cant work out why!

Sign In to comment.