[JET] Fortress

1235710

Comments

  • Hi there, can anyone help me a little with "Bypassing Authentication"?
    Thanks.

  • stuck @ Memo

  • edited October 2019

    .

  • edited October 2019

    Any tip for command?

    ** * Nm, got It.

  • Hints :)
    bypass auth - jet uses sql database so you know what to do.
    command - as the word says you need to give your command somewhere,burp helps :)
    overflown - as the word says you need to overflow something .

    Note:Read the task name in HTB its a hint actually.

  • Hi, anyone is still doing that box ? i'm stuck at elasticity and could use some hints, i've try every idea i could find :/

  • edited November 2019

    Any hint on command's payload/action?
    I can do simple stuff, but if i try to manipulate potential target (found only one in dashboard) it is just not happening.
    EDIT: So, manipulate potential target (doing XSS) pointless indeed. Look for vulns in unusual mechanism.

  • *Spoiler Removed*
  • Hi at the moment i'm stuck at ex*****.z** have use z*****hn export both hashes to a file but john seems unable to crack the hashes

    can some tell me what program to use?

    thanks

  • Hi,
    Could someone give a nudge on "digging in.." , I tried known tools, but do not have results? Thanks

  • edited November 2019

    Stuck at Command. Spotted the path in, but can't figure out how to leverage.

    Edit: Got it. Once I figured out how it was meant to work, breaking it was easy.

    clubby789

    • GCIH | GCIA
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • Type your comment> @jvlavl said:

    Hi at the moment i'm stuck at ex*****.z** have use z*****hn export both hashes to a file but john seems unable to crack the hashes

    can some tell me what program to use?

    thanks

    Hi,
    i also need some help at this section :-( is somebody here who could help me please?

  • I'm stuck on Overflown, if someone can PM it would be great.

  • stuck on making command to work ... can anyone help??

    mitoOo

  • Somehow I skipped over "Going deeper", but after trying to go deeper I can't get anywhere. Could someone PM me with a pointer in the right direction?

  • @dnperfors said:

    Somehow I skipped over "Going deeper", but after trying to go deeper I can't get anywhere. Could someone PM me with a pointer in the right direction?

    Go back to that stage and look for the flag in the site.

    clubby789

    • GCIH | GCIA
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • anyone got access to the server "not as w**-----" after completing the command challenge?

    mitoOo

  • edited December 2019

    Hint for overflow: look at available libraries for both versions of python on jet.

  • @clubby789 said:
    @dnperfors said:

    Somehow I skipped over "Going deeper", but after trying to go deeper I can't get anywhere. Could someone PM me with a pointer in the right direction?

    Go back to that stage and look for the flag in the site.

    Thanks everybody giving me some hints, but I am looking for hints for "Going deeper", not for "Bypassing Authentication" (which I already solved....)

  • can any one help me with overflown??? should the binary port be accessible remotely or locally?

    mitoOo

  • edited December 2019

    Can someone help with overflow?
    I have working script for my local machine, but in jet machine it prints some strange characters in the middle of execution and then fails, can't understand why.

    EDIT: proper tty is critical. You can find methods by "upgrading tty" search. Look for stty method.

  • Scratching my head at Digging In.... I thought this would be pretty straight forward, but I'm clearly missing something. I'm not getting any answers withdig and I'm coming up empty with every tool I've used outside of dig. Can anyone give me a nudge? I'm happy to share everything I've tried via PM.

    d3v1ant

  • Type your comment> @d3v1ant said:

    Scratching my head at Digging In.... I thought this would be pretty straight forward, but I'm clearly missing something. I'm not getting any answers withdig and I'm coming up empty with every tool I've used outside of dig. Can anyone give me a nudge? I'm happy to share everything I've tried via PM.

    same.

    windows 7 10 is my rig :) if it can't be done on windows, i fail.

  • reverse look gives you more information...

  • Type your comment> @djbrains said:

    Type your comment> @d3v1ant said:

    Scratching my head at Digging In.... I thought this would be pretty straight forward, but I'm clearly missing something. I'm not getting any answers withdig and I'm coming up empty with every tool I've used outside of dig. Can anyone give me a nudge? I'm happy to share everything I've tried via PM.

    same.

    I got it. Made a foolish mistake when I was calling dig. If you still need a nudge let me know.

    d3v1ant

  • Type your comment> @d3v1ant said:

    Type your comment> @djbrains said:

    Type your comment> @d3v1ant said:

    Scratching my head at Digging In.... I thought this would be pretty straight forward, but I'm clearly missing something. I'm not getting any answers withdig and I'm coming up empty with every tool I've used outside of dig. Can anyone give me a nudge? I'm happy to share everything I've tried via PM.

    same.

    I got it. Made a foolish mistake when I was calling dig. If you still need a nudge let me know.

    found it to, bypass ismy next step.

    windows 7 10 is my rig :) if it can't be done on windows, i fail.

  • edited December 2019

    Can someone give a hint about solving Secret Message? I tried some auto tools on encrypted.txt and all of them did not gave good key, so i started doing stuff manually, i think i got correct first 5 letters...

    EDIT: so good auto tools exist, it is very important to find correct key length (i did it with one tool), and then start guessing content (i did it with another tool) knowing correct key length.

  • edited December 2019

    is there a problem with jet? or is it my connection?
    kan setup vpn (fortress) but 10.13.37.10 is unreachable.

    windows 7 10 is my rig :) if it can't be done on windows, i fail.

  • Type your comment> @djbrains said:

    is there a problem with jet? or is it my connection?
    kan setup vpn (fortress) but 10.13.37.10 is unreachable.

    which vpn key did you use?

  • Type your comment> @CzaryMary said:

    Type your comment> @djbrains said:

    is there a problem with jet? or is it my connection?
    kan setup vpn (fortress) but 10.13.37.10 is unreachable.

    which vpn key did you use?

    it was down.

    windows 7 10 is my rig :) if it can't be done on windows, i fail.

Sign In to comment.