Spoiler Removed
Oops, my bad. Thought I was completely off so it wouldn’t be a spoiler LOL
Spoiler Removed
Oops, my bad. Thought I was completely off so it wouldn’t be a spoiler LOL
Spoiler Removed
Получил root.
Машина очень полезная. Много нового узналю
Спасибо за создание @clubby789 . Ощущение двоякое в одном месте машина легка в другом сложна. Для ее решение нужно понимание яп python и bash
до пользователя нужно найти на сайте где расположен скрытый файл .py изучить его и понять как можно это использовать
изучите код и поймите что можно использовать и сделайте нагрузку. и получите оболочку
user: изучите скрипт поймите как он шифрует и попробуйте расшифровать. кодить не надо скрипт все сам делает. процедуру нужно повторить несколько раз
root: знания Bash и зацикливание вам помогут в открытие файла.
Hi guys can I have a nudge for encrypted
If you know Python, this machine would be a piece of cake. Otherwise, you may suffer.
This machine is purely CTF in my opinion so I really didn’t like it.
Initial entry: find the path, fffuf is the way to go.
User: Python (you will probably need to write code here)
Root: Python (reading is enough)
Good luck!
here my problem User: Python (you will probably need to write code here)
Rooted. My experience:
Foothold: Need a little bit of clever wfuzz. Just look at the 404 error its giving if you need hint…
User: The hardest one in this machine. I spend a whole day for it… You will need programming and math skills for decrypting it.
Root: Really easy once you do the user. Remember, if you cannot do a thing quickly, that’s why scripts were invented…
Feel free to PM me for hints. But I won’t be available for whole day. So be patient if I don’t reply…
I had a lot of fun with this one. Took some time, since after I had some network issues with netcat keeping open, I created my own “reverse-shell” for this.
It’s far from good, but I thought the idea was so laughable, that i just had to do it.
You can see it at : GitHub - blaudoom/HTB_obscurity
zip protected by root-flag
Also spent too much time not reading filenames properly and mistook the py in the home folder for the server-script. I was looking all over the server for the file
@clubby789 Good first box IMO
Edit: Have to add that, eventough the root was easy, it was very current.
Rooted!
Initial FootHold:
User:
Root:
I don’t know if I’d rate this as a pure CTF. It’s a lot of code reading, but that’s part of pentesting real world systems too. It just seems to be more condensed here. At least it’s not in some obscure language.
Foothold: Any fuzzer should work. I used wfuzz. Running the .py locally for debugging is a huge help.
User: More code reading. Take the time to understand the math being done. Ignore the context of what it says is being done, and just focus on the math.
Root: More code reading… pretty simple.
As a developer, I enjoy using someone’s code against them. Thanks @clubby789, that was fun.
I’ve read every post 3 times, tried several wordlist, even the full r**ky*u.txt with and without ext. I am doing something wrong and can’t figure out what i need to do. will someone pm me a nudge?
Thanks - got it
Rooted
Fun and challenging box
Type your comment> @102707 said:
I’ve read every post 3 times, tried several wordlist, even the full r**ky*u.txt with and without ext. I am doing something wrong and can’t figure out what i need to do. will someone pm me a nudge?
I used d.td.t…n to find something very interesting. Parseltongue, what’s that? Time to learn. Yes, I’m still struggling
Type your comment> @sulcud said:
Rooted!
Initial FootHold:
- Read the webpage and you will find something interesting but with not known path (any fuzzing tool will help you)
- Read code and exploit
User:
- Brute force is not necessary
Root:
- Really?
Just what i thought when i did root too
.
which wordlist to use while fuzzing ? tried default wfuzz ,not giving any result
Thanks to the creator of the box, but I did not appreciate this machine at all.
root@obscure:/root# id
uid=0(root) gid=0(root) groups=0(root)
The user part is relatively simple … This is subjective of course … Otherwise for the root part you will not have too much complication.
Thanks ! @clubby789
Type your comment> @wolfflow27 said:
which wordlist to use while fuzzing ? tried default wfuzz ,not giving any result
ffuf works really well for initial fuzzing.
Rooted… learned few things… Was great! Seems i know a lot better Py then bash… as i used Py script for root… Need to close gaps in bash
Password for root really funny
Feel free to ask if struggle…
Seem to be having a problem with the initial fuzzing, don’t seem to be able to find the directory