Safe

It’s actually funny how the user challenge is way better than half the challenges in Reverse Engineering set. Tip of the hat to the author.

Old versions of J*** T** R***** in Kali Linux has some issues with the key. Simply updating it will solve the issue.

Type your comment> @0verfl00w said:

Has anyone tried to work with pwntools? The executable hangs after recvAll(). Any clues?

It works fine with pwntools, just be careful on what your trying to read from the socket, in this case you probably want to read a line.

Hi All,
Could anyone help on the exploit to the machine.

Hey All, This is my first ROP challenge. watched some youtube videos a couple of times, also the one that was mentioned here earlier, read some similar CTF writeups also trying to learn pwntools a little better but the recvline stuff is throwing me off. Think I’m stuck at leaking puts.
Also not sure if i’m over-complicating it. I find it hard to learn this. Anyone got some tips or recommended learning material?

rooted. The toughest Easy machine for me due to lack of my ROP experience.
Thank you @quantatic for your advice, and also I respect to @ecdo for an interesting machine.
After all, I obtained a shell by only 2 functions, so it supposed to be an Easy machine if you are familiar with stack and function call.

Any chance of a PM regarding getting my exploit to run locally? It’s just hanging at the moment.

For those who are still trapped in the binary, a tip, look at the code they gave you everything there for something, do not think so much about ret2lib but if in R * P, you have the function you need just call it back passing other values and now , you don’t need to do a shellcode or anything I just execute a command interpreter.
well i’m stuck in the root if someone could help from inside would be helpful

Root ok
I already have root, for the root everything is in sight, read well the tool you want to use before ha *** at and you will see what to do

Hello! It is the first time I am trying anything different from nice and easy stack execution. I have spent many many hours trying to get this to work. Could please somebody pm to offer some help on continuing to the correct direction? Thank you!!

hey there ,
i manage to run the app locally but i am having hard time make it work remotely !!!
can anyone pm me to give me a hint

Encountering this kind of challenge for the first time and so I am not able to get a foothold. Would someone please recommend me some resources to get started with? Any specific IPPsec videos maybe?

Can someone PM me to help me with root?

Got it

Type your comment> @nospace said:

Encountering this kind of challenge for the first time and so I am not able to get a foothold. Would someone please recommend me some resources to get started with? Any specific IPPsec videos maybe?

Have a look at IPSec’s Bitterman video.

Does anyone have an idea how I can get hashcat to run in a VM environment when I can’t use GPU? I’ve tried all the results I’ve found online but I still can’t get it to work.

OK. I have the root password from k**"£ss but I can’t login with it. WTF? Any clues?

Does anyone have an idea how I can get hashcat to run in a VM environment when I can’t use GPU? I’ve tried all the results I’ve found online but I still can’t get it to work.

If I recall corrently, the ‘–force’ option should work.

I tried that but still nothing. I used jtr in the end which went fine.

Thanks though :slight_smile:

I found high port 1**7 but I didn’t fine binary file. Could anyone give me any hints?

@putuamo You can get the app itself from the regular port. Poke around a little bit and you should find it.

I was able to get the app, offsets, and put together the start of an exploit based on IppSec’s Bitterman video, but having trouble reading data from the app when using pwntools. When I run the exploit I don’t get a seg fault anymore and it just exits normally. I read earlier posts about issues with the \n character and have tried several other methods of reading data, but no luck. Any hints on the right direction?

Hey guys, having a really hard time getting started on this one… I’m assuming I should be focusing on the ***7 port but alas my web skills are not as good as most of you. Any of you care to help a n00b stop being a n00b :smile: