LaCasaDePapel

Type your comment> @jfx41 said:

Type your comment> @isitme said:

Thank you to @ScreenSlav3r . Got user and root.

TIPS:

  1. port scan, check every version in services.
    1.1 Do the exploit manually!
  2. Weird shell and only got some city name.
    2.1 You only need 1 or 2 function here. (shell commands & the programming lang function) - Check their website for documentation.
    2.2 If you manage to the command right. You’ll presented with a programming lang function. Using the programming lang function you able to read something.
  3. With the things you read, you can now generate the appropriate cert (no mystery here, the site ask for it, you give it).
    3.1 at this point you should notice a familiar vuln.
    3.2 Question yourself, how to download the file?
    3.3 you should get 1 or 2 files here.
  4. Try and error to get into the machine using the file from 3.3
  5. you should read about FILE PERMISSION.
    5.1 The things is there.
    5.2 Question yourself, how you able to modify the file?

These are great tips. The only thing I would add to this is if your cert has imported into Firefox, but it’s still not working close Firefox and open it again. I beat my head on the wall wondering why it wasn’t working, then I kill -9 firefox-esr reopened it, reloaded the page and viola, the cert portion work.

For what it’s worth, I found this box harder than some that were ranked more difficult.

@jfx41 said:
Type your comment> @isitme said:

Thank you to @ScreenSlav3r . Got user and root.

TIPS:

  1. port scan, check every version in services.
    1.1 Do the exploit manually!
  2. Weird shell and only got some city name.
    2.1 You only need 1 or 2 function here. (shell commands & the programming lang function) - Check their website for documentation.
    2.2 If you manage to the command right. You’ll presented with a programming lang function. Using the programming lang function you able to read something.
  3. With the things you read, you can now generate the appropriate cert (no mystery here, the site ask for it, you give it).
    3.1 at this point you should notice a familiar vuln.
    3.2 Question yourself, how to download the file?
    3.3 you should get 1 or 2 files here.
  4. Try and error to get into the machine using the file from 3.3
  5. you should read about FILE PERMISSION.
    5.1 The things is there.
    5.2 Question yourself, how you able to modify the file?

These are great tips. The only thing I would add to this is if your cert has imported into Firefox, but it’s still not working close Firefox and open it again. I beat my head on the wall wondering why it wasn’t working, then I kill -9 firefox-esr reopened it, reloaded the page and viola, the cert portion work.

For what it’s worth, I found this box harder than some that were ranked more difficult.

I’ve a question , Is PK*S12 the right format of the certs?

Type your comment> @z3nhx said:

Type your comment> @jfx41 said:

Type your comment> @isitme said:

Thank you to @ScreenSlav3r . Got user and root.

TIPS:

  1. port scan, check every version in services.
    1.1 Do the exploit manually!
  2. Weird shell and only got some city name.
    2.1 You only need 1 or 2 function here. (shell commands & the programming lang function) - Check their website for documentation.
    2.2 If you manage to the command right. You’ll presented with a programming lang function. Using the programming lang function you able to read something.
  3. With the things you read, you can now generate the appropriate cert (no mystery here, the site ask for it, you give it).
    3.1 at this point you should notice a familiar vuln.
    3.2 Question yourself, how to download the file?
    3.3 you should get 1 or 2 files here.
  4. Try and error to get into the machine using the file from 3.3
  5. you should read about FILE PERMISSION.
    5.1 The things is there.
    5.2 Question yourself, how you able to modify the file?

These are great tips. The only thing I would add to this is if your cert has imported into Firefox, but it’s still not working close Firefox and open it again. I beat my head on the wall wondering why it wasn’t working, then I kill -9 firefox-esr reopened it, reloaded the page and viola, the cert portion work.

For what it’s worth, I found this box harder than some that were ranked more difficult.

@jfx41 said:
Type your comment> @isitme said:

Thank you to @ScreenSlav3r . Got user and root.

TIPS:

  1. port scan, check every version in services.
    1.1 Do the exploit manually!
  2. Weird shell and only got some city name.
    2.1 You only need 1 or 2 function here. (shell commands & the programming lang function) - Check their website for documentation.
    2.2 If you manage to the command right. You’ll presented with a programming lang function. Using the programming lang function you able to read something.
  3. With the things you read, you can now generate the appropriate cert (no mystery here, the site ask for it, you give it).
    3.1 at this point you should notice a familiar vuln.
    3.2 Question yourself, how to download the file?
    3.3 you should get 1 or 2 files here.
  4. Try and error to get into the machine using the file from 3.3
  5. you should read about FILE PERMISSION.
    5.1 The things is there.
    5.2 Question yourself, how you able to modify the file?

These are great tips. The only thing I would add to this is if your cert has imported into Firefox, but it’s still not working close Firefox and open it again. I beat my head on the wall wondering why it wasn’t working, then I kill -9 firefox-esr reopened it, reloaded the page and viola, the cert portion work.

For what it’s worth, I found this box harder than some that were ranked more difficult.

I’ve a question , Is PK*S12 the right format of the certs?

Yes…

I’ve already rooted the box … :slight_smile:

I’m trying to get root. I know that is something with the m*******d thing but I don’t know how to edit it. Someone can help me?

Is there currently a problem with the machine? nmap isnt giving back anything, but was last friday.

So I got to the old door, got c*.y, and $to code. I also got the c* from the server. I think I know what I need to do (create the csr), but I keep getting errors from code or website. Anyone willing to give me a nudge on o*****l syntax to create the csr ?

EDIT : got root, thank you @thek for this painful user, learned a lot !

I managed to get user, managed to gain shell access on Pr. Now I’m stuck, not sure how do priv esc. I know md.i** is important but I can’t figure out how to modify it to gain root privileges or anything. Any advice or articles/books someone could point me to?

got root :slight_smile:

User: backdoor to an Asian city.
Root: made me go blind, because it was too close to my eyes.

If you need hints, PM me.

I’m in the P** shell through the backdoor and have dumped the info needed. I can check if files are writable, read files (within limits) and edit writable files and I’ve found an interesting i*i file for later.

Would appreciate a nudge with the cert generation. I’ll admit I know less about it than I should have, but I’ve been reading up and still can’t get it to work and it’s driving me nuts.

I’ve checked out:

but no matter what I try i’m still not getting in on the high port I think I must be missing something out because they generate fine.

A pm would be greatly appreciated! :smile:

got rooted

No need to create keys.
Just combine the pieces.

– nvm sorted –

Hi guys, I am stuck with cer*** generation, I double checked every single step but I still run into the same error from the server… Please PM me if you managed to do this step :wink:

Problem solved, just PM me if you are struggling with the cer********

Finally got root!! Thanks to everyone who was willing to dialog with me in PM!!

If anyone is stuck PM me, i’m willing to offer a nudge on root. I was able to get a reverse shell. I know it’s been said before, but if you take a step back and look at what you’re presented with once you are in, the solution is staring you right in the face.

finally managed to get https working but its on chrome (p****2 file). can some tell us why it is not working on firefox?

Hey everyone,

I’m a bit new to working with the services running on this box. If someone has some resources and old writeups to help guide me I’d greatly appreciate it.

jeez port 443 is twitchy

finally rooted… wasn`t too keen on user, but root was good fun

I don get the point with the permissions in /home