Fortune

I can’t find a single thing on this machine after reading all the forum… completely stumped at the entry point. Zero Fortune or it’s simply in front of me and I cannot get it.
Any PM with a little push welcome

EDIT: first “easy” step passed. It looks like I’ll have to take it slowly and thank a lot of people on the way for this one…

The ride was Fun…

Thanks @moxic and @fl4sh for all the help.
The final step… I would never have figured it out unfortunately.

Perhaps the only way would be to install the app locally on my machine; I stopped halfway.
Or to be very good at coding, which I’m not.

Thanks!

Great box… I enjoyed it so far…
but on the priv esc part I just wasted my time around the encryption of the hashes… all the way down, what I needed was in my own hands… HahAha…

Hi, some hint to begin?
I’m not sure if I have some interesting thing

@EthicalHCOP said:

Hi, some hint to begin?
I’m not sure if I have some interesting thing

read the whole thread first if you haven’t done so

@halfluke said:

@EthicalHCOP said:

Hi, some hint to begin?
I’m not sure if I have some interesting thing

read the whole thread first if you haven’t done so

Yes, just that I’m not sure if I’m on the correct way!

fortune# whoami
root

I’m still in shock about the box, but don’t hesitate to PM for help!

@EthicalHCOP said:

Hi, some hint to begin?
I’m not sure if I have some interesting thing

Check any port, you will find one where you can do nasty things.

@xdaem00n said:

Finally got root, thanks to those who helped me.
The way to get user is cool, I really liked that and waited for a box like this one. Root was hard for me mainly because I didn’t try ^everything^, once I tried something else that was in front of my eyes the whole time, it worked.
Hint for initial foothold:
#.
#2 Enumerate the box, you don’t need to get a shell in order to do that.
Hints for user:
#1 What does the user name tell you? Maybe you can do something and then use one of the lower services to log in?
Hints for root:
#1 The hint is inside the home folder, read it, look for it, once you find something, import it to your machine and enumerate it more. Check out the source code to see how it works behind.
If you need help, feel free to PM me

I’m looking behind the scenes on fortunes, but can’t understand what’s going on in there; besides, I find very interesting things on a secure port via the command line. But I’m completely stuck on the most common port and its fortunes. :anguished:

For root:
Read the code and utilize the data you’ve found. If you are okayish with Python you can solve it in no time. Remember that you can just copy the code and import it into your Python interpreter.

Just rooted. Overall very nice machine. No guessing, no CTFish nonsense. Congrats to the author!

However, 6h spent trying to crack something that can just be copy-pasted.
Always read ALL relevant code, do not make assumptions like me. Otherwise it will be a very hard way of learning.

Well, I dunno where I should start with this box, I think I’m still a bit of a newbie. I can’t understand how the fortunes work. I got some certs via Op****l, but without a private key I cannot make the user cert, so I’m a bit lost. Could anyone gimme a hand with that? Via PM or just with a reply in the forum… I want to learn about BSD :smiley: TKS in advance!

Got root. For me an enjoyable box.

However the very first step was painful to see because it was so simple (strangely). After that, an interesting route with plenty to learn along the way.

For priv-esc, patiently and diligently reading source code is the way, once you have found the jewels.

Feel free to PM me for hints.

Found every single part, but can’t assemble it into the solution to get root.

I got the H*** from d* file, and got the de**** function, as well as the ke* from d* too, but can’t get anything useful after de****ing it :frowning:

Got root.
Feel free to PM me for hints.

…need help on root…stuck for weeks

Missing the ci******** for the d****** function

Edit: For root, I strongly suggest downloading the application locally, creating your own database and putting some print functions around the crypto functions

Finally, after a long struggle, I managed to root it.
Special thanks to @Roph @NoPurposeInLfe @goeo @Jiren @Brutef0rce

Tips here,

Initial: Please, pay more attention to enumerating. If you are lost, follow the OWASP cheat sheet and you shall find your way in.

User: Once you are in, understand what caused the error. How can you solve the error? What do you need to get in? The forum itself has already given the answer. If it is asking for a certificate, just show him the same certificate, he will let you in. Once you are in, just be who you wanna be.

Root: Like what @NoPurposeInLfe said, downloading the application and enumerating it locally would be much easier. Do check out the mailbox at home too, there are some messages left behind that would help you.

Feel free to find me if you need any help…

Rooted.
My first insane level box… but learned a lot, as this one will force you to do enumeration and Google searches.
PM me if you want help. And please tell me your progress.