Chatterbox

@druckk4mm3r like 1-1000, 1000-2000 ?

@estihex yep :wink:

that box is boring.

Boring boring

Scan witn netcat ftw

i can not bufferoverflow in chatterbox. can u hint me. what do i need? i found exploit but not work…

if someone could pm me to talk about the initial exploit that would be great.

@kimbilirkim said:
i can not bufferoverflow in chatterbox. can u hint me. what do i need? i found exploit but not work…

I think this has something to do with the OS version. I also found it, but noticed that the exploit works up to an irrelevant version.

can someone tell me the prots … its taking too long i wasted 3 hours before and 2 hours today i dont know what the thing in wrong.

you cant get a shell if someone is already using a shell…you can wait 3 days for nothing…or cheat with somone to run your powershell line there. in any case that box sucks.

F

@peek said:
you cant get a shell if someone is already using a shell…you can wait 3 days for nothing…or cheat with somone to run your powershell line there. in any case that box sucks.

Hey there,

So you’re saying that if we found the ports and attempted exploiting it properly but failed, it’s because of the environment? How did people get that reverse shell then? They were just lucky?

yep, do a reset then exploit…

[-] Exploit failed: No encoders encoded the buffer successfully
can somebody help please?

@h4x3r said:
[-] Exploit failed: No encoders encoded the buffer successfully
can somebody help please?

try another payload

metasploit sucks …try some others

you should reset the box before trying to pwn

@peek said:

@h4x3r said:
[-] Exploit failed: No encoders encoded the buffer successfully
can somebody help please?

try another payload

@peek i found the right py payload but how to set PAYLOAD location of py file? it says the value of payload is wrong

I Changed the payload and got Exploit Completed but no session was created !

So, I ran a bunch of port scans on this using netcat, 1 - 65355 at the speed of one port per second. Taken around 18 hours and turned up a very small number of ports. Is this normal behavior for this box? Guessing it is, but just need a sanity check.