Safe

Finally made user part. My first BOF and ROP. It took me a long time to get used to radare2 and learn the idea of ROP and reversing binaries at all.

It was fun and had educative value. Great.

Feel free to dm me for nudges.

Type your comment> @thegoatreich said:

Type your comment> @nospace said:

Encountering this kind of challenge for the first time and so I am not able to get a foothold. Would someone please recommend me some resources to get started with? Any specific IPPsec videos maybe?

Have a look at IPSec’s Bitterman video.

Does anyone have an idea how I can get hashcat to run in a VM environment when I can’t use GPU? I’ve tried all the results I’ve found online but I still can’t get it to work.

Hashcat is great with a GPU, but if you don’t think you’re going to have access to one soon, I would just use John.

It seems that I’ve got root password from the .k*** file but when i’m trying ssh to the box, it says that the password is incorrect.

Am I missing something here?
Does anyone else has the same issue?

Type your comment> @boris154 said:

It seems that I’ve got root password from the .k*** file but when i’m trying ssh to the box, it says that the password is incorrect.

Am I missing something here?
Does anyone else has the same issue?

Yes, you’ll have to find another way to switch user.

Who can I bug with a stupid question about the bittermann video? (first time buf, rop here…)

Anyone can give me hints on how to swotch user i have the root password and everything but can’t switch.

deleted

Guys,

it seems images are filled with some info. I used steghide and it prompts for password. It doesnt have anything with task (root hash already obtained) but just for my curiosity: did anyone cracked it? Is it some easter egg? Is it worth to be cracked or just a rabbit hole?

Deleted

Some advice to prevent people from wasting time: h***t doesn’t seem to work properly for some people when you have more than one hh.

If you think you have everything right but h*****t isn’t playing nice, try jt* instead.

Hey I got the root password from M********.K **x file I don’t know where to use that to login as root someone Ping me the hint

deleted

hheeeeeelp :smiley: I got the exploit working locally, but remotely something is not in line… appreciate any help

@dr0ctag0n said:

I was excited to see another ‘easy’ box getting released and the first step is literally custom exploitation and reverse engineering XD

I’ve only been on this site for about a week. Managed to find the reference to high port, and have no idea how to get this sound-chamber to say what I want.
That’s what I get for picking the box everyone said was easy.

rooted :slight_smile: safe is safe :stuck_out_tongue: good box with custom exploitation

This box was definetly was a nice learning curve!!!

User:
Try and look at the fluff binary and how its solved… I cant put the name of the site where its found but PM me for a URL

Root:
Well just look around and u shall see

It’s a great box
I think this box costs more than 20 points, but it was a funny
Thank you

Type your comment> @hackWorld00 said:

I need a hint for user, i noticed a lot of people wrote their strings to memory and execute it from there, how(just adding the string potion)? , I can’t find any tutorials specifically for this, all I can find is the spawn a shell from libc, and they avoid adding the string to the memory route. thank you

Thinking about the same thing… :confused: have you found a good article about it?

Finally rooted it!

Decided to choose this machine second, to test my hacking pentesting skills on it.
In shorts… I made a bad choice…

Anyway there is few tips about moments, which confused me:

User
There’s exist bunch of BoF’ing methods depends on file protection and functions, which is available in binary. Use the most suitable one.

Root
Everything u have - everything u need. If u’re going right way things will happen quickly.

Also feel free to PM me here or in discord, if u need some tips about this machine

Deleted