Do you guys think that this box is bugged? Nothing comes back, even after restarting the box. Someone from here confirmed my script.
Iām on 10.10.14 .
Edit: tried on the Free server too.
Can someone that completed this box, retry it and confirm that it works? I spent a crazy amount of time on what seems to be a bugā¦
I am onto root, I can see the odd process, but i canāt execute it, download it or dump it. Is there some other way to interact with it, that iām missing?
Edit: Found what to do with it (thanks to @keyos1 ), but i canāt forward anything to me, as some have suggested in the post. Any nudges?
On average, how much did you guys wait for the initial foothold to trigger?
Iām havinā trouble triggering just the expected behaviour from the applicationā¦
I can get a ping back. No other command executes, trying to encode the commands but having difficulty in encoding all those quotes in a reverse shell. Any advise.
I can get a ping back. No other command executes, trying to encode the commands but having difficulty in encoding all those quotes in a reverse shell. Any advise.
I spent far too much time on Priv Esc due to a missing character white space character in my script, assumed it didnt work and went back into enumeration phase
My hint for rooting is that after you find the thing to exploit, take the instructions it gives you literally ā¦ its not a riddle.
I think also, I took a non standard path to user as I did not need to use āb**************.**pā to get the reverse shell.
I can get a ping back. No other command executes, trying to encode the commands but having difficulty in encoding all those quotes in a reverse shell. Any advise.
This was an absolute challenge for my skills, and sometimes beyond. Thank you for the nudges to @Adam2019 and @kareem. Thank you to @gioo and cneeliz; very nice work!
The slight instability of the box is - somehow - reflecting a real life situation. You are sending a payload and nothing happens. Is it a mistake in the payload or the wrong payload at all ā¦ or do you have to calm down and wait a bit.
i understand what the creator is trying to emphasize in bankrobber and also how the attack works, but it is not normal, that you have to wait for the payload to come or not come back for so long timeā¦ I am giving up on this, same payload is not returning anything even it did previous day I am talking about the backd******** script. Sorry really frustrating, it is bingo or lottery.
i understand what the creator is trying to emphasize in bankrobber and also how the attack works, but it is not normal, that you have to wait for the payload to come or not come back for so long timeā¦ I am giving up on this, same payload is not returning anything even it did previous day I am talking about the backd******** script. Sorry really frustrating, it is bingo or lottery.
I agree, I think the initial part should be patched - borderline unplayable even after revert.