Obscurity

Pew, finally rooted. I dont really think, this box should be marked as “easy”. to be honest, foothold has space to do some tricks. maybe, i am just a noob, but next steps wasnt “easy” for me. i would rather call it “easy-medium”. Thanks @clubby789. Great box

gobuster and ffuf not working for me. any hints plz?

EDIT: Got it, thanks for the nudges!

Type your comment> @rudem said:

gobuster and ffuf not working for me. any hints plz?

it works…

Just rooted, appreciation to @c1cada for nudge in initial foothold.
Escalation to root super easy. Overall I can imagine that for devs specializing in one famous reptile language this whole machine is very easy (first blood in user and root taken in less than half an hour).
In summary - nice experience, especially initial part.

Type your comment> @Hilbert said:

I thought that was a super fun box, I enjoyed every step

user: If you understand what it’s doing, you don’t even need to write a line of code to reverse it

root: I’m apparently opposite of everyone so far, as I thought root (I went intended way) was significantly harder than user (Thanks to @bertalting for the help), so if that’s you, don’t get discouraged by the comments, you aren’t alone. If you are stuck you might want to Watch where you are looking. Also, I had to create the /***/S**/ directory for some reason which I don’t understand, but if you are getting that error, try that.

I think someone has deleted the S… folder so that you must create it again. There are some trolls around on every box :slight_smile:

Anyone care to PM me a nudge for the fuzzing of the directory? Tried ffuz and wfuzz with a lot of lists, but no fun so far

Spoiler Removed

Oops, my bad. Thought I was completely off so it wouldn’t be a spoiler LOL

Spoiler Removed

Получил root.

Машина очень полезная. Много нового узналю

Спасибо за создание @clubby789 . Ощущение двоякое в одном месте машина легка в другом сложна. Для ее решение нужно понимание яп python и bash

до пользователя нужно найти на сайте где расположен скрытый файл .py изучить его и понять как можно это использовать

изучите код и поймите что можно использовать и сделайте нагрузку. и получите оболочку

user: изучите скрипт поймите как он шифрует и попробуйте расшифровать. кодить не надо скрипт все сам делает. процедуру нужно повторить несколько раз

root: знания Bash и зацикливание вам помогут в открытие файла.

Hi guys can I have a nudge for encrypted

If you know Python, this machine would be a piece of cake. Otherwise, you may suffer.

This machine is purely CTF in my opinion so I really didn’t like it.

Initial entry: find the path, fffuf is the way to go.

User: Python (you will probably need to write code here)

Root: Python (reading is enough)

Good luck!

here my problem User: Python (you will probably need to write code here)

Rooted. My experience:
Foothold: Need a little bit of clever wfuzz. Just look at the 404 error its giving if you need hint…
User: The hardest one in this machine. I spend a whole day for it… You will need programming and math skills for decrypting it.
Root: Really easy once you do the user. Remember, if you cannot do a thing quickly, that’s why scripts were invented…

Feel free to PM me for hints. But I won’t be available for whole day. So be patient if I don’t reply…

I had a lot of fun with this one. Took some time, since after I had some network issues with netcat keeping open, I created my own “reverse-shell” for this.

It’s far from good, but I thought the idea was so laughable, that i just had to do it.

You can see it at : GitHub - blaudoom/HTB_obscurity
zip protected by root-flag

Also spent too much time not reading filenames properly and mistook the py in the home folder for the server-script. I was looking all over the server for the file :stuck_out_tongue:

@clubby789 Good first box IMO

Edit: Have to add that, eventough the root was easy, it was very current.

Rooted!

Initial FootHold:

  • Read the webpage and you will find something interesting but with not known path (any fuzzing tool will help you)
  • Read code and exploit

User:

  • Brute force is not necessary

Root:

  • Really?

I don’t know if I’d rate this as a pure CTF. It’s a lot of code reading, but that’s part of pentesting real world systems too. It just seems to be more condensed here. At least it’s not in some obscure language.

Foothold: Any fuzzer should work. I used wfuzz. Running the .py locally for debugging is a huge help.
User: More code reading. Take the time to understand the math being done. Ignore the context of what it says is being done, and just focus on the math.
Root: More code reading… pretty simple.

As a developer, I enjoy using someone’s code against them. Thanks @clubby789, that was fun.

I’ve read every post 3 times, tried several wordlist, even the full r**ky*u.txt with and without ext. I am doing something wrong and can’t figure out what i need to do. will someone pm me a nudge?

Thanks - got it

Rooted :slight_smile:

Fun and challenging box

Type your comment> @102707 said:

I’ve read every post 3 times, tried several wordlist, even the full r**ky*u.txt with and without ext. I am doing something wrong and can’t figure out what i need to do. will someone pm me a nudge?

I used d.td.t…n to find something very interesting. Parseltongue, what’s that? Time to learn. Yes, I’m still struggling :slight_smile:

Type your comment> @sulcud said:

Rooted!

Initial FootHold:

  • Read the webpage and you will find something interesting but with not known path (any fuzzing tool will help you)
  • Read code and exploit

User:

  • Brute force is not necessary

Root:

  • Really?

Just what i thought when i did root too :smiley: