I have find one vuln but the problem is that we need to get its output in order to exploit it and all the methods that I have tried to get it failed. Is there another way?
Still trying to find a vuln…
Haven’t gotten a single segfault yet >.<
Anyone found a fast method for the last stage? It’s way too slow. I’m just sitting here… praying that no one dares to touch the reset button.
Type your comment> @will135 said:
Anyone found a fast method for the last stage? It’s way too slow. I’m just sitting here… praying that no one dares to touch the reset button.
You can multithread it.
@sampriti heh… multithreading script failed on this one for me originally… anyways, 70% through with it now.
Type your comment> @will135 said:
Anyone found a fast method for the last stage? It’s way too slow. I’m just sitting here… praying that no one dares to touch the reset button.
Angry bird or perhaps something else? -
Rooted! What a journey lol.
Should the form’s web dir be enumerated further? I’ve tried sub-domains, vhosts, web dirs, etc. to locate this binary and I’m not finding it.
Am I functionally stupid…?
Also, congrats @sampriti, you crushed it.
Type your comment> @farbs said:
Should the form’s web dir be enumerated further? I’ve tried sub-domains, vhosts, web dirs, etc. to locate this binary and I’m not finding it.
Am I functionally stupid…?
Also, congrats @sampriti, you crushed it.
Maybe you should just be less brutal in your efforts -
how to start in rope machine
need hints to start box
whats wrong with the boxxxxx its restarting every minute !!!
.
Rope is very hard box that requires special skills and experience.
It was important for me not to restart nor reset box on the root part,
but I guess that more experienced hackers follow more elegant way to root.
stuck on the BOF part !
Managed to get shell on the box, but still trying to pivot to the other user. Any tip on this is welcome
may i ask a nudge about how to deal with web?
Type your comment> @julianjm said:
Managed to get shell on the box, but still trying to pivot to the other user. Any tip on this is welcome
Just rooted… I lost a lot of time on that step… Not everything in this box in insane
Whats with all the reverse engineering exploits?
User: Dont fall for the lfi exploit, just use it to grab some binaries. I repeat do not go down that rabbit hole. Spent two days on it.
Root: Same process as grabbing shell
so, I was able to rewrite messages the binary is showing when launched locally. Anyway, I’m not seeing how to take advantage of this. May I get some hints about what to do? PM!