Smasher

@izzie said:
Via both experimental and anecdotal evidence and supported strongly by OSINT to a high degree of confidence, I thought I knew exactly what needs to be done here but not so sure now… as there wasn’t meant to be :cookie:

nikto fingerprint points to A. but fuzzing says it is A*… (pun intended). :bleep_bloop:

SoMeBOdy is lying - anybody care to hint in DM? I’d be most grateful.

LOL. I will never complete this machine. There is always something more urgent -:slight_smile:
I have shell so can give you some hints on PM, but you really need to love assembly to play with this.

NVM, rooted it.

If you believe your payload is correct, but you cannot root it. Go to another folder and try.

In my case, my payload did not work in a folder, but I change to another folder, it works.

I recently revisited the box since I got the root flag using a certain technique but no real root shell (yet). Is there someone out there who has a root shell on it? Just as hint for me if it is possible or not^^

stuck at ‘Insert ciphertext’, if anyone kindly can shed some lights :slight_smile:

@kecebong said:
stuck at ‘Insert ciphertext’, if anyone kindly can shed some lights :slight_smile:

Also on same. Having a hard time understanding precisely what it’s asking, and only otherwise notice repeating the same text back produces the OK message.

Amazing box so far. Just got a shell. Enumerating and trying to figure out where to go next now. Edit: Never mind. Pretty sure I see the path forward.

Edit: Got user. On to root!

Edit: Rooted.

Is there any way to get a shell? I hate not getting shells. :frowning:

Best box so far. Nice rabbit hole xD

I have to admit I draw a complete blank on this box. It makes me want to cry and I cant work out why!

Rooted!

Really nice box! Thanks to Opt1kz for the help. Now trying to get a shell!!

looking at the app, thinking I need to do some kind exploit dev Would be awesome if someone can PM me with a little insight going forward. Ive found many articles and have some ideas moving forward, I have good understanding of 32bit asm but 64bit is new territory for me. Not looking to pass up this learning experience . thanks

Finally got the root flag… but I need some help about / usr / bin / c*** binary… what is that??? can someone PM me, please?

im stuck at /exx/pxxx can someone please guide me ahead. im lost completely

the user.txt is not in the usual location for this box?

@evandrix said:
the user.txt is not in the usual location for this box?

Yes it is!

@Downloading said:

@evandrix said:
the user.txt is not in the usual location for this box?

Yes it is!

mmm, i only see a w** user, and no files are there … maybe i’ll reset the box and try again

found a login page on port 1*** tcp filtered port

@evandrix said:

@Downloading said:

@evandrix said:
the user.txt is not in the usual location for this box?

Yes it is!

mmm, i only see a w** user, and no files are there … maybe i’ll reset the box and try again

That isn’t where the user flag is, it is a different user on the system. That account is just a jumping off point.

I guess I’m the rabbit going down the hole. Only found SSH and the web server port, started more ennumeration and the server was not playing nice. Looked at PCAP and see strange encoding leading to a C*** method?

Am I on the right track or should be Iooking at SSH?

That wonderful thing is not loading…
Why???

Any hint…