Fortune

For root:
Read the code and utilize the data you’ve found. If you are okayish with Python you can solve it in no time. Remember that you can just copy the code and import it into your Python interpreter.

Just rooted. Overall very nice machine. No guessing, no CTFish nonsense. Congrats to the author!

However, 6h spent trying to crack something that can just be copy-pasted.
Always read ALL relevant code, do not make assumptions like me. Otherwise it will be a very hard way of learning.

Well, I dunno where I should start with this box, I think I’m still a bit of a newbie. I can’t understand how the fortunes work, I got some certs via Op****l but without a private key I cannot make the user cert, so I’m a bit lost, could anyone gimme a hand with that? Via PM or just with a reply in the forum… I want to learn about BSD :smiley: TKS in advance!

Got root. For me an enjoyable box.

However the very first step was painful to see because it was so simple (strangely). After that, an interesting route with plenty to learn along the way.

For priv-esc, patiently and diligently reading source code is the way, once you have found the jewels.

Feel free to PM me for hints.

Found every single part, but can’t assemble it into the solution to get root.

I got the H*** from d* file, and got the de**** function, as well as the ke* from d* too, but can’t get anything useful after de****ing it :frowning:

Got root.
Feel free to PM me for hints.

…need help on root…stuck for weeks

Missing the ci******** for the d****** function

Edit: For root, I strongly suggest downloading the application locally, creating your own database and putting some print functions around the crypto functions

Finally, after a long struggle, I managed to root it.
Special thanks to @Roph @NoPurposeInLfe @goeo @Jiren @Brutef0rce

Tips here,

Initial: Please pay more attention to enumerating. If you are lost, follow the OWASP cheat sheet and you shall find your way in.

User: Once you are in, understand what caused the error. How can you solve the error? What do you need to get in? The forum itself has already given the answer. If it is asking for a certificate, just show him the same certificate, he will let you in. Once you are in, just be who you wanna be.

Root: Like what @NoPurposeInLfe said, downloading the application and enumerating it locally would be much easier. Do check out the mailbox at home too, there are some messages left behind that would help you.

Feel free to find me if you need any help…

Rooted.
My first insane level box…but learned a lot as this one will force you to do enumeration and Google searches.
PM me if you want help. And please tell me your progress.

Hi! I need any nudge at initial foothold in fortune box) or links for reading how to move forward) thanks in advance

Found the hashes and on my way to root. If someone can give me a nudge what to look for to solve that… Been enumerating for quite a while and found nothing except for the c*****.p* , thanks

Hi! I need hint for root, I’ve found the hashes and the c*****.** and also the .d* file. I’ve read the source code but I think I miss some part of it, can I have any nudge for it?

Thank you before!

Edit: Rooted, fun box! If anyone needs any nudge feel free to PM :wink:

Best Regards,
env

Thanks a lot for this box @AuxSarge , learned a bunch from it to research more.

Finally got root! :+1:

Well, can anyone help me with the ssl connection thing, I guess I have uploaded the right certificates, still I’m getting the https page
I’m always getting an error when trying to spawn 10.10.10.127:443
EDIT: Ok got it, never mind, I was neglecting a very small thing
EDIT: Can anyone help me to find the source file, please PM me

Having difficulties with nf****r - trying to do ssh thing suggested by name and getting “open failed administratively prohibited” - not sure if this is the right direction?

EDIT: I was over-complicating things - thanks @AzAxIaL for the help

Logged in as n******r but can’t find the way forward. Any hint please. How do I become another user?

Hey, can I PM someone for the ssl bit. I have some files via rce but think I’m missing something essential to create the client cert

I’m having no luck finding the “RCE” that is mentioned several times in this thread. If someone could PM me and help out I would appreciate it. I’ve got some usernames and enumerated all services I think, but I must be missing something obvious because I don’t see any way at all to get the remote machine to do anything.

I love that almost always whenever I post for help I find the answer I’m looking for within about an hour. :slight_smile:

@dr0ctag0n said:

I must be missing something obvious because I don’t see any way at all to get the remote machine to do anything.

Focus not on what to get the machine to do, but what you can get from the machine.