Rope

@farbs said:

Should the form’s web dir be enumerated further? I’ve tried sub-domains, vhosts, web dirs, etc. to locate this binary and I’m not finding it.

Am I functionally stupid…?

Also, congrats @sampriti, you crushed it.

Maybe you should just be less brutal in your efforts -:slight_smile:

how to start in rope machine

need hints to start box

what's wrong with the boxxxxx it's restarting every minute !!!

.

Rope is a very hard box that requires special skills and experience.
It was important for me not to restart or reset the box on the root part,
but I guess that more experienced hackers follow a more elegant way to root.

stuck on the BOF part !

Managed to get shell on the box, but still trying to pivot to the other user. Any tip on this is welcome :slight_smile:

May I ask for a nudge about how to deal with web?

@julianjm said:

Managed to get shell on the box, but still trying to pivot to the other user. Any tip on this is welcome :slight_smile:

Just rooted… I lost a lot of time on that step… Not everything in this box is insane :slight_smile:

What's with all the reverse engineering exploits?

User: Don't fall for the LFI exploit, just use it to grab some binaries. I repeat, do not go down that rabbit hole. Spent two days on it.

Root: Same process as grabbing shell

so, I was able to rewrite messages the binary is showing when launched locally. Anyway, I’m not seeing how to take advantage of this. May I get some hints about what to do? PM!

Rooted! Love this box! If someone needs help, poke me in priv. :wink:

Finally rooted! I’m not so good at binary exploitation, that’s why I really like boxes like this, thanks a lot!

ok, where is the binary xDDD i got the Exploit but where is the binary xD

■■■■ of a box! Took me close to a week to fully root, but the time spent was well worth it. Most of this box is pretty darn textbook, but that doesn’t make it any easier.

Big shout-out to @xsmile for helping me take another look at something I overlooked during privesc.

The way this box combined something you could grab from your initial foothold with your actual exploitation was really cool imho.

110% learned a lot from this box, props to the creator for making such a great box. Happy to give anyone who desperately needs it a nudge via PM :slight_smile:

This box is a good reason why VIP is needed. With VIP, you get good latency and minimal resets. As a non-VIP user, I had to pray for a good latency (it wasn’t consistent in my case, which averages about 500ms) and a little bit of luck that no one resets the box while my exploit is running. Overall, a straightforward, no-nonsense box. Kudos to @R4J.

Hi! I’m stuck at recon phase. I found high port, login page and studied all .js and .css … what am I missing?

@debeMechero said:

Hi! I’m stuck at recon phase. I found high port, login page and studied all .js and .css … what am I missing?

Focus on the name of the box

Found a way to download the binary. Now I’m stuck. I can’t figure out how to fire a BOF…
Can someone PM me a hint on which function should be (ab)used?