@xterm said:
Guys I found the encryted file and the encryptor, But I really dont know how to decrypt.
Please give me some hints
You can also use the ‘default command line tool for all things crypto’. It has some issues with the beginning of the file but I did not bother to sort them out. The actual content is decrypted correctly using a single command.
Using the scripting language is the ‘right’ solution I guess, but I was curious if I could quickly get it to work using the other tool.
Guys if someone managed to decrypt the file PM i am stuck i wrote the decryptor and tried the password that came along with the file but i am still stuck
So if someone could PM me about the rb*** of user ay***. It is not working as it is expected to work by the creator of the box: I can use it freely, no restrictions.
I’d be happy to know how I escaped that feature without even trying . Thanks!
so i got shell as ww***** but i can’t seem to go any further in the system. did i get shell incorrectly or just need to enumerate more from this foothold?
Okay into user.txt, this box does not seems like a easy one, at least for me and for the other noobs out there! Anyway If any help needed you can pm me “BUT FIRST SAY WHAT YOU HAVE DONE”
That was a very cool box. I really didn’t like the password guess work in the beginning but as a whole this is a very well done machine. Not sure why others are saying diff. Just my 2 cents.
The RCE type was new for me; Really dug that.
Root; Was… Definitely very cool. At least I thought so.
User: It will Chaos you. Make sure you gobust everything instead sticking to domains and identify the open source thing. From there everything straightforward which involved multi steps like decryption, later injection, shell escape and user. Not much realistic
Root: Once you got user you can see it infront of your nose. Then think how you use lazy feature in browser to see it.
This box is… frustrating to say the least. I decrypted the thing, but what am I supposed to do with p** c***** s******? The URL seems like a troll… any hints in PM would be appreciated as I’m fresh out of magic to solve this mystery…
Hi All, were do we get the elusive password? I did dirb and obtained a w**dp**** site. enumerated further and obtain a l**** screen. I am stumped by Chaos. Please PM me or any advice please!!!
I found this box pretty interesting even though it’s really CTF-like. Anyway, it’s a good opportunity to learn a few tricks! Thanks to @sahay for this box