Ellingson

what an awesome box, i have learned a ton, i finally got user and now i am on to root.

Just got started - enumeration still going; found W***z**g while doing stuff manually is this the right path? Can we get RCE this way through debug or do I need to look harder at some errors? :slight_smile:

EDIT: Yup, now have shell as technoweenie, working on getting user. Can’t seem to find anything pertinent to privesc. I must be missing something. I’ve run a few enumeration scripts and monitored processes to no avail. :confused:

EDIT 2: Well I got user.txt from the one with the God complex. I’ve seen g****** and b***** e*********** mentioned in this thread much to my chagrin. I might give it a crack when I’m feeling up to it. Thanks @Dmwong for the hint

as iam getting a lot of dm’s I would advice everyone to learn basic rop and not rush for the root, this video by ippsec may also help you - Camp CTF 2015 - Bitterman - YouTube

just started the machine… i am lost, don’t have clue how to start, any leads would be appreciated. Thanks

@gokuKaioKen said:
hmmm… found a traceback

how ?

Am i the only one who has problem with the machine timing out like every 3 mins.

hey all, im this initial user on first getting a shell. i know what privs that user has got but cant seem to find anything useful in /var/****. am i supposed to be waiting for a scheduled event to occcur?

Need help on user. Managed to get on the system, now I can’t manage to find anything interesting besides a couple of hashes which decrypted don’t seem to work and also an executable that’s needed for root though. DM please…

The path to root Is only by binary analysis?

Type your comment> @Hobbot said:

Am i the only one who has problem with the machine timing out like every 3 mins.

It’s probably users that are getting banned before they read the warning about being banned so they reboot the box.

Need help with user. I’ve got a shell on the box but i don’t know i to proceed.
I ran a couple of scripts but i can’t find anything. Also tried pspy but not seems right direction.
Any hints?

My god this box made me discover “peda” – after spending so much time fuzzing manually lol. Such a cool box! Congrats to the maker!

Hi, I am working on the binary exploitation and I made a working exploit but for some reason it doesn’t work on the box. I have the libc from the box and I get gadgets from it. I don’t really know what I’m doing wrong. If someone is willing to give me some hints please do!
Thank you and if I this is a spoiler please tell me to take it down.

Type your comment> @sarange said:

Hi, I am working on the binary exploitation and I made a working exploit but for some reason it doesn’t work on the box. I have the libc from the box and I get gadgets from it. I don’t really know what I’m doing wrong. If someone is willing to give me some hints please do!
Thank you and if I this is a spoiler please tell me to take it down.

pm me

rooted … that rop fucking ate me alive

The g****** file. I can’t run it, not user yet. But on my box, when I put in, a thousand chars (roughly), it just launches my command (AAAAAAmycommand). Is it really going to be that easy?

Type your comment> @Zot said:

The g****** file. I can’t run it, not user yet. But on my box, when I put in, a thousand chars (roughly), it just launches my command (AAAAAAmycommand). Is it really going to be that easy?

If only …

Is it just me or the box is just unresponsive every few minutes. Found trace back but cant even try anything.

Type your comment> @ColdFusionX said:

Is it just me or the box is just unresponsive every few minutes. Found trace back but cant even try anything.

Try regenerate your access.

Hi, i think i’m losing something, i’ve found the part where you can execute code, but, i’m not able to get shell on the machine, i’ve tryied several types of it, if someone could PM me and help me i whould really appreciate it.