I solved it. If anybody wants any hints, PM me. I won’t spoil the fun for you.
Btw, this box is not CTF like. I didn’t have to guess for stuff. The only painful thing was the certs because openssl cmd is a disaster.
find me a website where you can generate a key
Let me preface this by saying that I don’t want to start a flamewar. It seems that you got User on the box so I can respond without spoiling it for the others.
That functionality that you leveraged to solve the TLS issue is an RFC for a bit more than a decade and it has been in discussions for almost two decades. This feature has been a freaking pain in the ■■■ for users to handle but lately we “”“DevOps”“” so users don’t see it. It’s a feature widely used in Fortune and Tech companies and generally big corporations (maybe for the past 2-3 years?).
Even the way it’s tied with the next step, is stuff that happens (or some variation of this). All of the above tipped me off and this is why I’m saying it doesn’t look like a CTF.
This is a flow that exists and variations of it will come up more often inside corporate networks because it’s an easy and convenient way for developers, users, infrastructure engineers and god knows who else to do stuff without having extra overhead.
got root root is tricky and reading code and backtracing is required. I don’t have much coding experience so got some hiccups.
PM for hints. That’s awesome box anyway. Leant lot of new things.
Getting user was pretty awesome. I can’t say the same for root. IMHO, I thought it was a pretty lame find. It only made sense when I finally got it. I can only blame myself for not seeing the obvious.
Secure way is blocked .You need to open it .Use open door for help !!
Once you are through the security , check the doors again !!
Video game on racing !!!
local user to the rescue !!!
Wow rooted - but at what cost? How in the world should I know the p******* for the de********? I just try everything that got along the enum process.
That you know if you see the source code if I am not wrong. The logic looks weird of course. But in real world lot of weird things happen in dev or design.
took me way to long to get root, cause of a flawed assumption. always check those if you get stuck
though I did need much time for root, I don’t think root is the hard part of this box.
Secure way is blocked .You need to open it .Use open door for help !!
Once you are through the security , check the doors again !!
Video game on racing !!!
local user to the rescue !!!
I just got user and I still cant understand your hint. Some of the hints posted in the forums for machine are so vague that they should have stayed in the poster’s head cause its meant for him only.
I’ll like to know the way you have solved this hash thing by writing a script which i have failed at. But thanks to @Maxxx who showed me a far easy way to achieve same thing
Rooted