Rope

Type your comment> @D4nch3n said:

Type your comment> @m9rcin said:

Just started working on the box and found binary. Is there source available somewhere or rather we need to rev?

You’re going to be doing a lot of reversing

thanx

I have find one vuln but the problem is that we need to get its output in order to exploit it and all the methods that I have tried to get it failed. Is there another way?

Still trying to find a vuln…

Haven’t gotten a single segfault yet >.<

Anyone found a fast method for the last stage? It’s way too slow. I’m just sitting here… praying that no one dares to touch the reset button.

Type your comment> @will135 said:

Anyone found a fast method for the last stage? It’s way too slow. I’m just sitting here… praying that no one dares to touch the reset button.

You can multithread it.

@sampriti heh… multithreading script failed on this one for me originally… anyways, 70% through with it now.

Type your comment> @will135 said:

Anyone found a fast method for the last stage? It’s way too slow. I’m just sitting here… praying that no one dares to touch the reset button.

Angry bird or perhaps something else? -:slight_smile:

Rooted! What a journey lol.

Should the form’s web dir be enumerated further? I’ve tried sub-domains, vhosts, web dirs, etc. to locate this binary and I’m not finding it.

Am I functionally stupid…?

Also, congrats @sampriti, you crushed it.

Type your comment> @farbs said:

Should the form’s web dir be enumerated further? I’ve tried sub-domains, vhosts, web dirs, etc. to locate this binary and I’m not finding it.

Am I functionally stupid…?

Also, congrats @sampriti, you crushed it.

Maybe you should just be less brutal in your efforts -:slight_smile:

how to start in rope machine

need hints to start box

whats wrong with the boxxxxx its restarting every minute !!!

.

Rope is very hard box that requires special skills and experience.
It was important for me not to restart nor reset box on the root part,
but I guess that more experienced hackers follow more elegant way to root.

stuck on the BOF part !

Managed to get shell on the box, but still trying to pivot to the other user. Any tip on this is welcome :slight_smile:

may i ask a nudge about how to deal with web?

Type your comment> @julianjm said:

Managed to get shell on the box, but still trying to pivot to the other user. Any tip on this is welcome :slight_smile:

Just rooted… I lost a lot of time on that step… Not everything in this box in insane :slight_smile:

Whats with all the reverse engineering exploits?

User: Dont fall for the lfi exploit, just use it to grab some binaries. I repeat do not go down that rabbit hole. Spent two days on it.

Root: Same process as grabbing shell