Smasher

hi can i have a hint plz. im really stuck on bof.

@paw said:
solved the crypto!! this machine is so cool!!! if somebody want discuss about it write me in priv.

Did not complete yet (no time lately), but it looks like the only way is to be very “economical” with buffer space. Did you manage to execute code on the sXXXX or got shell using gXXXXXs only?

@macw141 said:

@paw said:
solved the crypto!! this machine is so cool!!! if somebody want discuss about it write me in priv.

Did not complete yet (no time lately), but it looks like the only way is to be very “economical” with buffer space. Did you manage to execute code on the sXXXX or got shell using gXXXXXs only?

hint for this one is… “I really don’t care about Nx”

@paw said:

@macw141 said:

@paw said:
solved the crypto!! this machine is so cool!!! if somebody want discuss about it write me in priv.

Did not complete yet (no time lately), but it looks like the only way is to be very “economical” with buffer space. Did you manage to execute code on the sXXXX or got shell using gXXXXXs only?

hint for this one is… “I really don’t care about Nx”

Not sure what you mean. In fact It looks like it indeed does not matter, but so far the only way I see is to develop as it was enabled (but is not).

@macw141 just write me in priv if u want help

I have an account password, the user flag and an encryption key. Hint welcome to become root…

anyone wants to put me in right direction? i got login page not sure if i am on a right path… doesnt seems to me and looks like rabbit hole

Wow this one looks interesting. Have worked out what I have to do but its gonna involve some study :+1:

reading through previous posts is a little confusing. I think I have a small idea on how to get shell on box. but my method is not registering how I thought it would, anyone able to offer me help at all? PM pls.

This box really does it’s name worth, Smashes head against wall

Started long time ago, but somehow, even knowing what to do, cannot complete required dev work (mostly lack of time). Perhaps coming weekend.
Machine is indeed very nice.

Because we can’t read proc files, anyone know if AS_L is on or how to use R_P ga__ets on x64 machines in BOF string functions which forbidden null characters ? PM

@AmiToLotto said:
Because we can’t read proc files, anyone know if AS_L is on or how to use R_P ga__ets on x64 machines in BOF string functions which forbidden null characters ? PM

If you don’t know, always assume the worst :wink:

can anyone pm me about the second step of this box. id like to know more about how u went about constructing the script used to attack it

@cgrenier said:
I have an account password, the user flag and an encryption key. Hint welcome to become root…

Well, I have shell, an encryption key but no account password and no user flag. Really frustrating -:frowning:

Hi All. Just want to give some advice. This is not a box for the weak. It’s a tough old bird with lots of challenges. The first part is hard but manageable (I needed a lot of help along the way) . then you have another hoop, then another. I would like to thank Di.... a lot as the guidance and hints got me past 1st stage and P.. for 2nd & 3rd stages. not a box for noobs. not a box for those who haven’t got some experience, so if you haven’t - do another box! so final piece of advice, once you know what exploit to use go and study!!! here to help anyone as that is my mantra but by no means an expert on this!!

@macw141 said:

@cgrenier said:
I have an account password, the user flag and an encryption key. Hint welcome to become root…

Well, I have shell, an encryption key but no account password and no user flag. Really frustrating -:frowning:

Same here - I am stuck at using the encryption key, hopefully this will lift my user context from www to user… I am guessing that the key is the access to ssh for user :slight_smile:

Any nudges will be much appreciated, please send a PM - thanks.

@Booj said:
Stop, Drop and…

…give me 50?

Via both experimental and anecdotal evidence and supported strongly by OSINT to a high degree of confidence, I thought I knew exactly what needs to be done here but not so sure now… as there wasn’t meant to be :cookie:

nikto fingerprint points to A. but fuzzing says it is A*… (pun intended). :bleep_bloop:

SoMeBOdy is lying - anybody care to hint in DM? I’d be most grateful.

@izzie said:
Via both experimental and anecdotal evidence and supported strongly by OSINT to a high degree of confidence, I thought I knew exactly what needs to be done here but not so sure now… as there wasn’t meant to be :cookie:

nikto fingerprint points to A. but fuzzing says it is A*… (pun intended). :bleep_bloop:

SoMeBOdy is lying - anybody care to hint in DM? I’d be most grateful.

LOL. I will never complete this machine. There is always something more urgent -:slight_smile:
I have shell so can give you some hints on PM, but you really need to love assembly to play with this.