PlayerTwo

Type your comment> @idomino said:

Stuck on the file we can download. Do I need to find anything else to be able to create my payload? Did the ‘walk’ and and I think I know what I’ll need to do but missing a crucial piece of information to do it.

You can actually achieve RCE with … a herring! «dramatic music stab»

Or, perhaps, with tarball you just happen to find lying around somewhere. Maybe take a break, decompress. Just a little redecoration in a way, not a renovation. No need to do anything that would require inspection.

@idomino said:
Stuck on the file we can download. Do I need to find anything else to be able to create my payload? Did the ‘walk’ and and I think I know what I’ll need to do but missing a crucial piece of information to do it.

A documentation from where you downloaded it gonna definitely help you to understand how it looks like and what you can do with it. Good Luck :slight_smile:

Type your comment> @idomino said:

Stuck on the file we can download. Do I need to find anything else to be able to create my payload? Did the ‘walk’ and and I think I know what I’ll need to do but missing a crucial piece of information to do it.

Same here, little clue would be nice. Thanks
Docs read couple of times, but if we add something, than it will not be as equal, and it will be rejected.

Type your comment> @BigBoss said:

Type your comment> @idomino said:

Stuck on the file we can download. Do I need to find anything else to be able to create my payload? Did the ‘walk’ and and I think I know what I’ll need to do but missing a crucial piece of information to do it.

Same here, little clue would be nice. Thanks
Docs read couple of times, but if we add something, than it will not be as equal, and it will be rejected.

I got 2 things that might be related to what was written in the documentation. But do not know how to implement it.

I don’t know if I’m on the right track, I have RCE. But I have not signed anything. The fact is that I do not get shell, just code execution :frowning: Anyone in the same situation?

@CyberVaca said:
I don’t know if I’m on the right track, I have RCE. But I have not signed anything. The fact is that I do not get shell, just code execution :frowning: Anyone in the same situation?

been there. you should be able to get from RCE to a shell.
PM if you need some hints

Type your comment> @CyberVaca said:

I don’t know if I’m on the right track, I have RCE. But I have not signed anything. The fact is that I do not get shell, just code execution :frowning: Anyone in the same situation?

How could you get it without signing?

I tried using netcat and I get the connection but the user -e / bin / bash does nothing … it is very rare. As for the signature, I have a trick that I used with other firmwares. I don’t want to do spoilers.

Ok, I already got shell without signing anything. Thank you.

@CyberVaca said:
Ok, I already got shell without signing anything. Thank you.

It’s just matter of understanding it. Well done :slight_smile:

thanks dude, I will continue to see what I see.

Got shell.
Trying to find a way for o******r user but can’t find much useful…

finally, get user. Initial foothold is very frustrating.

Type your comment> @verdienansein said:

Got shell.
Trying to find a way for o******r user but can’t find much useful…

Play with the interesting service inside the machine. Its simpler rather than find the foothold.

Very reminiscent of the good old days where you have to hex-edit games for whatever reasons :smiley:

I got the p****/ge*******.p**** file, am i in the right direction? cuz the curl doesnt work…

Type your comment> @SniperXD said:

I got the p****/ge*******.p**** file, am i in the right direction? cuz the curl doesnt work…

that’s a useful file to have :slight_smile:

Type your comment> @SniperXD said:

I got the p****/ge*******.p**** file, am i in the right direction? cuz the curl doesnt work…

it does, try harder

i got it guys, it was a bug… now im stuck with the 2fa

Type your comment> @limbernie said:

Very reminiscent of the good old days where you have to hex-edit games for whatever reasons :smiley:

You mean like with Zork, right?
#rip
#NeverForget
#BecauseReasons