Rope

Beginning the discussion here


Comments

  • Has anybody found anything besides the high port?

  • High port's definitely all you need I think

  • I find it weird that a box like this gets first user blooded within the first 2 hours, whereas an easier box such as smasher gets first blooded in over 16 hours.... is there something I'm missing?

  • I am able to read files from the host but can't find an angle for initial shell.

  • Interestingly enough, my usual method for the first type of binexp fails... There are 2 things I have determined that I need to overwrite, but has anyone gotten a working payload from pwn tools?

    will135

  • edited August 4

    Not sure why this comment is considered a spoiler. It was a tip to make people not waste hours on an issue that shouldn't happen. People will encounter it if they do the method requiring a more complex payload using pwn tools' help (is this still a spoiler now?). Even the creator said that it should work, but then he told me to just try an easier way. The easier way, in turn, did work with my normal method. Originally, I thought the program was designed in a way to bug a feature of pwn tools, but I guess not in the end.

    will135

  • Just started working on the box and found binary. Is there source available somewhere or rather we need to rev?

    m4rc1n

  • edited August 4

    Might be missing something obvious but how am I meant to connect to the high port?

    If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )

  • @m4rc1n said:

    Just started working on the box and found binary. Is there source available somewhere or rather we need to rev?

    You're going to be doing a lot of reversing

  • @D4nch3n said:

    @m4rc1n said:

    Just started working on the box and found binary. Is there source available somewhere or rather we need to rev?

    You're going to be doing a lot of reversing

    thanx

    m4rc1n

  • I have found one vuln but the problem is that we need to get its output in order to exploit it and all the methods that I have tried to get it failed. Is there another way?

  • Still trying to find a vuln...

    Haven't gotten a single segfault yet >.<

  • edited August 5

    Anyone found a fast method for the last stage? It's way too slow. I'm just sitting here... praying that no one dares to touch the reset button.

    will135

  • @will135 said:

    Anyone found a fast method for the last stage? It's way too slow. I'm just sitting here... praying that no one dares to touch the reset button.

    You can multithread it.

  • edited August 5

    @sampriti heh... multithreading script failed on this one for me originally... anyways, 70% through with it now.

    will135

  • @will135 said:

    Anyone found a fast method for the last stage? It's way too slow. I'm just sitting here... praying that no one dares to touch the reset button.

    Angry bird or perhaps something else? -:)

    m4rc1n

  • Rooted! What a journey lol.

    will135

  • Should the form's web dir be enumerated further? I've tried sub-domains, vhosts, web dirs, etc. to locate this binary and I'm not finding it.

    Am I functionally stupid...?

    Also, congrats @sampriti, you crushed it.

    defarbs.com - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'"

  • @farbs said:

    Should the form's web dir be enumerated further? I've tried sub-domains, vhosts, web dirs, etc. to locate this binary and I'm not finding it.

    Am I functionally stupid...?

    Also, congrats @sampriti, you crushed it.

    Maybe you should just be less brutal in your efforts -:)

    m4rc1n

  • how to start in rope machine

  • edited August 5

    need hints to start box

  • What's wrong with the boxxxxx it's restarting every minute !!!!!!

  • edited August 6

    .

    limbernie
    Write-ups of retired machines

  • Rope is a very hard box that requires special skills and experience.
    It was important for me not to restart nor reset the box on the root part,
    but I guess that more experienced hackers follow a more elegant way to root.

    tabacci

  • Stuck on the BOF part!

    No Hack No Life ✌😒

  • Managed to get shell on the box, but still trying to pivot to the other user. Any tip on this is welcome :)

    julianjm

  • May I ask for a nudge about how to deal with web?

  • @julianjm said:

    Managed to get shell on the box, but still trying to pivot to the other user. Any tip on this is welcome :)

    Just rooted... I lost a lot of time on that step... Not everything in this box is insane :)

    julianjm

  • What's with all the reverse engineering exploits?

    User: Don't fall for the LFI exploit, just use it to grab some binaries. I repeat, do not go down that rabbit hole. Spent two days on it.

    Root: Same process as grabbing shell

  • So, I was able to rewrite the messages the binary shows when launched locally. Anyway, I'm not seeing how to take advantage of this. May I get some hints about what to do? PM!

    Randsec
