Chaos

Where are these creds that people seem to have found?

@ko260 said:
Where are these creds that people seem to have found?

Exactly. I spent all day running gobuster / cewl and guessing. Reset the box. Still Nothing. I suck at guessing.

Anyone mind sharing a hint for what to do after decrypting. Cant seem to find the place mentioned for P**

@dualfade said:

@ko260 said:
Where are these creds that people seem to have found?

Exactly. I spent all day running gobuster / cewl and guessing. Reset the box. Still Nothing.

I found them in the end, this is a strange box imo. I now have the creds and have logged in one P**3 service but nothing in there :frowning:

@ko260 said:

@dualfade said:

@ko260 said:
Where are these creds that people seem to have found?

Exactly. I spent all day running gobuster / cewl and guessing. Reset the box. Still Nothing.

I found them in the end, this is a strange box imo. I now have the creds and have logged in one P**3 service but nothing in there :frowning:

You’re ahead of me then hah

Huh… thanks @k0260 The reset must have done something. odd.

@xterm said:
Guys I found the encryted file and the encryptor, But I really dont know how to decrypt.

Please give me some hints

You can also use the ‘default command line tool for all things crypto’. It has some issues with the beginning of the file but I did not bother to sort them out. The actual content is decrypted correctly using a single command.

Using the scripting language is the ‘right’ solution I guess, but I was curious if I could quickly get it to work using the other tool.

no idea where ze creds either :confused:

Guys if someone managed to decrypt the file PM i am stuck i wrote the decryptor and tried the password that came along with the file but i am still stuck

So if someone could PM me about the rb*** of user ay***. It is not working as it is expected to work by the creator of the box: I can use it freely, no restrictions.

I’d be happy to know how I escaped that feature without even trying :joy:. Thanks!

so i got shell as ww***** but i can’t seem to go any further in the system. did i get shell incorrectly or just need to enumerate more from this foothold?

Okay into user.txt, this box does not seems like a easy one, at least for me and for the other noobs out there! Anyway If any help needed you can pm me “BUT FIRST SAY WHAT YOU HAVE DONE” :slight_smile:

Okay!!!This box was more fun than i anticipated! Priv esc was quite nice :smiley:

Hey guys, please could someone drop me a hint on the decryption? In all honesty… i have no idea!

That was a very cool box. I really didn’t like the password guess work in the beginning but as a whole this is a very well done machine. Not sure why others are saying diff. Just my 2 cents.

The RCE type was new for me; Really dug that.
Root; Was… Definitely very cool. At least I thought so.

hi guys, any ideas to scape rbash?

Finally rooted.

User: It will Chaos you. Make sure you gobust everything instead sticking to domains and identify the open source thing. From there everything straightforward which involved multi steps like decryption, later injection, shell escape and user. Not much realistic :frowning:

Root: Once you got user you can see it infront of your nose. Then think how you use lazy feature in browser to see it.

This box is… frustrating to say the least. I decrypted the thing, but what am I supposed to do with p** c***** s******? The URL seems like a troll… any hints in PM would be appreciated as I’m fresh out of magic to solve this mystery…

Edit: nevermind, was having DNS issues

@IteXss said:
hi guys, any ideas to scape rbash?

Hi All, were do we get the elusive password? I did dirb and obtained a w**dp**** site. enumerated further and obtain a l**** screen. I am stumped by Chaos. Please PM me or any advice please!!!