Safe

Is it the same process as Ellingson root? I’ve got an idea of what to do but I’m not sure of it as it is an easy machine :slight_smile:

Does one need to work on Bo* to exploit the my*** binary… or is there something else… port knocking is not there I think…

Stuck at this friggin’ K***X file. Pumping rockyou through it, no results. Do I have to do friggin’ Steganalysis on the images or WTF? Using them as key files didn’t work. Not even when concatenating them. And I don’t know who rated this box as 20 points and “easy” when you have to do binex… but the one responsible for this rating should lay off the drugs.

Can someone PM me any hints for how to exploit the my*** binary?

Asking for a PM nudge when it comes to the my*** binary, can’t seem to find anything

@dewdrop0247 said:

Asking for a PM nudge when it comes to the my*** binary, can’t seem to find anything

Same here… this drives me nuts :frowning:

Hint for people stuck at finding the right technique to exploit the binary: Google the question the binary outputs and you will find a very similar example from a CTF where also the technique is mentioned and partially explained.

@darkkilla said:

Hint for people stuck at finding the right technique to exploit the binary: Google the question the binary outputs and you will find a very similar example from a CTF where also the technique is mentioned and partially explained.

Thx. Found it. But in this case if we really have to do R**, this box should be at least a medium one…

@v1p3r0u5 said:

Thx. Found it. But in this case if we really have to do R**, this box should be at least a medium one…

Yeah I believe you’re not alone with this opinion. Okay, if you know your R**/binex well, the 15 minute User Blood is possible and for those people this might be easy. But the ratings of the box show that many people probably disagree with the rating. I also think that binex shouldn’t be on a 20 points box. Also the box isn’t very fun at all so far… Ellingson was very awesome from the whole theme. I didn’t mind the binex there at all… but this box? No fun at all. Just an Apache and xinetd slapped on some Debian box and a comment added somewhere where many people felt trolled hard. If that’s the new “standard” for HTB submissions then I could probably write a box generator that’d deliver the same stuff.
So far I’m still stuck at the root stage… but I guess that also has to do with some more stupid trolling or sth…

Hi, I got stuck on this one, do I have to use a BoF?!?!

I noticed when I send a long value to the port I don’t get the response I usually get there…
but I have no clue how I can get the binary… to create an exploit…

Maybe someone can push me a little bit in the right direction

thx

@smaxs said:

Hi, I got stuck on this one, do I have to use a BoF?!?!

I noticed when I send a long value to the port I don’t get the response I usually get there…
but I have no clue how I can get the binary… to create an exploit…

Maybe someone can push me a little bit in the right direction

thx

I am also thinking about the same… Also downloaded the binary on my local system and used the same you are talking about, and also experienced what a BoF gives… still thinking about it

@smaxs said:

Hi, I got stuck on this one, do I have to use a BoF?!?!

I noticed when I send a long value to the port I don’t get the response I usually get there…
but I have no clue how I can get the binary… to create an exploit…

Maybe someone can push me a little bit in the right direction

thx

I’m stuck here as well :frowning: Looks like a BoF, but where to get the bin???

@kckriega said:

I’m stuck here as well :frowning: Looks like a BoF, but where to get the bin???

Hope this comment helps you to get the binary…

@opt1kz said:

@Ketil said:

Would anyone mind dropping some names of techniques which I must have overlooked.

Turn off 90% of your brain and just right-click.

@v1p3r0u5 said:

@kckriega said:

I’m stuck here as well :frowning: Looks like a BoF, but where to get the bin???

Hope this comment helps you to get the binary…

@opt1kz said:

@Ketil said:

Would anyone mind dropping some names of techniques which I must have overlooked.

Turn off 90% of your brain and just right-click.

Thanks. Heading over to the shame corner.

@kckriega said:

Thanks. Heading over to the shame corner.

Never mind. Maybe you will have more success with the following part than me. Good luck!

Hey all, has anyone had any joy getting the seg fault to happen within gdb? I keep getting “Warning: not running or target is remote”

Any hints for root? Stuck at it for a long time. Tried breaking the hash, but nothing!

Rooted.

Having binary exploitation usually makes me give the box an automatic like, however the rest of this box is pretty bad; I can now see why this box has such bad ratings.

For user: The source is your friend. Once you get it, remember why this box is rated easy: You don’t need to go through the entire ret2libc-leak-calculate process. If system’s provided to you, but you don’t have the shell string, maybe it’s possible to provide one yourself?

For root: Just using k***2j won’t work. One of the images needs to be used in conjunction with it.

Thanks to @snowscan and @xdaem00n for your help!

My exploit works locally on my host, but doesn’t work on the remote server… Can anyone give me some hints in DM? Thanks…

@MrR3boot said:

How did this box even get approved? Wasted my precious time today on this. It’s simply a copy of previous ones…

We were thinking the same thing…