FluJab

How do you access the sub I got from the nurse? One way it returns "direct IP access not allowed", the other way it returns 301. None of the usual WAF bypass headers seem to work.

@krypt

Double check what your browser is requesting. Try using Burp intercept and don’t assume what you type into a URL is what your browser will request.

Modern browsers cache way more than expected in order to improve page load speed.

If that still won’t work… That’s either because you haven’t recently spoken to the nurse or someone else told you what she said.

Yes, it was the cache; figured it out later.

Whoa, not a piece-of-cake box.

Thanks for the “nurse talk”, it was an occasion to use a personal tool that I wrote. It’s a good opportunity to improve it.

Now stuck on the area where the nurse guided me. I see the closed door and no clown to end the party (if it makes you crazy, tell him to stay at home). Trying to c***k the given hint did not work, and I did not find any bug to exploit.

What did I miss?

Oh my, what a box… I really didn’t want to ask for help but here I am… stuck after a week.

I have one question: when talking with the “Nurse” I just kept on scope as suggested, but it seems I cannot use the information I get. Do I need to get out of the scope?

If we have the same definition of the word scope for this machine, when you get the good info, you will find the new “scope” with it.

I mean to not get out of scope: to not attack/test services that do not belong to flujab.
Let’s say that the “Nurse” can tell you tales from 3 different books: os, v**********s, and pt. But only v**********s is in the scope as it is the book used by the flujab “company”. So, do I need to get out of the scope and tell the Nurse to readme the other books?

Finally rooted. Root is the easiest part I think. It has been frustrating at times but still a cool box.

Well done @krypt

Hope you had fun :wink:

Finally rooted, not sure if in the intended way… but rooted. Honestly I don’t know how to feel about this box. It is indeed a lot of work and frustration and some things don’t make any sense. I am afraid that I did not enjoy this box very much.

In any case, what I am sure of is that 3mrgnc3 put a lot of work into it for us to enjoy and learn, and I truly appreciate that.

So overall THANK YOU 3mrgnc3 for all the effort you put into this box. It is certainly unique :smiley:

So I have the nurse and have talked to her, finding a web page which previously I was able to access, but now when I try to access the web page I get a denied response. I am at a loss on what to do. Can someone offer me a hint? This is probably one of the hardest boxes I have come across…

Finally rooted. Sometimes angry about the trolls but it’s a good box and I learned a lot.

A lot of work from the creator to make the box not so CTF. Thanks to you @3mrgnc3.

My hints:

foothold

As usual, enumeration is the key. As I said previously, if the clown bothers you, tell him to stay at home. Be careful about browser issues; monitor traffic with Burp, ZAP or Firefox debug tools and understand what the HTTP talk means.
As said previously, the clown can guide you.

When you find the nurse, everything is said here.

Next, follow the white rabbit. If you want to c**** something, be careful about your tools.

user

Now you have a little access. My technique was to script my enum to avoid big manual and repetitive tasks; you will save time (network analysis will give you a way).
You will find a weakness that leads you to the hole. Remember that an old bug can stay on a recent system.

root

If you find something that doesn’t work out of the box, maybe it can work with a little more effort (nothing in this box is obvious^^).

Thanks to @Sh11td0wn for his help!

So I can make the nurse tell me any story I want, including passwords for doors, but apparently I’m too thick to take a hint on where the door is. Did I miss a previous step or she is still the person to talk to?

Tell the nurse to read you the whole chapter that contains the password.

Finally rooted :slight_smile:

Thanks @Sh11td0wn and @krypt for your help, I owe you a ? .

PM if you need help.

Finally user, great box. If anyone needs help, PM me!!!

clowns… clowns… thousands of them :-1:

Eventually… this took up a LOT of effort. Not so sure everything in here is realistic, but I learned some new stuff, and although it hurt at the time (and I nearly smashed my laptop when one of those ■■■■ clowns popped up and scared the sh*t out of me), it felt good to finally get this one wrapped up.

On the whole a very good box for brushing up on the manual stuff, I’ve clearly gotten lazy and use tools/scripting far more than I should.

Please help me find the nurse. PM…

I am able to talk to the nurse and she read several books to me. I thought I found a new area s*******-c******-0* but I can’t access it. Is this a rabbit hole? I also found other interesting pieces of information in the books but I don’t know how to continue.

Would be cool if someone could give me a nudge via PM. Thanks!

EDIT: I dug too deep and forgot about my port scans. Now the info from the nurse makes sense.