Ethereal

Uhh, got it… tried some but not the that particular… I need to create a list… Shame on me!

Is the RCE a rabbit hole? I’ve spent hours on it and gotten nowhere, but can’t find any other attack surfaces.

@opt1kz said:
Is the RCE a rabbit hole? I’ve spent hours on it and gotten nowhere, but can’t find any other attack surfaces.

This! It’s absolutely driving me nuts.
Can anyone confirm or deny it’s real?

You can run but you can’t write. What you can run seems to be limited, too.

@SingleCore said:
This! It’s absolutely driving me nuts.
Can anyone confirm or deny it’s real?

I DM’d someone who’s rooted it asking about this, and they confirmed that it’s the way in.

So… Yay…

Need someone who’s gotten a foothold via the RCE to DM me. I have a theory about a possible attack vector, but I’m stuck on a particular part.

Anyone know when the patch is supposed to be complete?

EDIT:
As of 1800 UTC it seems to be patched, if it is down on your server issue a reset and it will bring the box back up.

EDIT2:
jk, status check feature was lying (@ mods)

EDIT3:
annnnd we’re back

so i only Nmap not going to try it Yet!!

my be this weekend ill have go and as usualy forum is full spoiler lol!!!..

but lates what we can do this weekend!!

wish me luck ! :slight_smile: but i want to do the 20 pointer box that coming out first.

Edit: Never mind. Rooted.

I’ve been stuck on what I believe is the last step to user, j****. Created a new .l** and replaced the one on the box successfully, but I get nothing back. I know the arguments are correct because I tested them outside the file. Really need a sanity check on this one, it’s driving me nuts and wasting a lot of time.

EDIT: nvm got it. If you’re not getting anything, check for hanging processes…

@iven said:
for me, I got remote desktop access but the code on user.txt not working :angry:

This is a joke, right?
Im not sure you remote desktop access, i think you were on an html page.

pbox.exe…rabbit?

@cslatt05 said:
pbox.exe…rabbit?

No.

Darn, crZ=0fff4a12 page faults…it will be neat to find an emulator that works

EDIT: Solved the pbxx issue. Thanks to @devloop.

Hi ! Yes I was able to do it. Had to download some required component, unzip it and put files in bin directory to make them work.

Now I’m able to ping and check file existence but no more :stuck_out_tongue:

@cslatt05 said:
pbox.exe…rabbit?
you can get the password contents extremely easy…
Im just trying to figure out what to do with the contents…

EDIT: ncrack helped a lot with this

this box is ■■■■, even when you know what to do. run from it.

I can ping myself from Ethereal. That’s all I have achieved up to now. Am I on the right track? Would some kind soul offer guidance towards RCE? No direct hints or spoilers. Thanks for your time!

I ended up getting the source code for pbox.exe and rewriting it into a password cracking tool because I can’t be arsed to repetitively type in passwords, especially with that extra two-second sleep (which feels more like two years…). It was an interesting exercise, but ultimately I was a little peeved when it told me the password…