Obscurity

This was a really fun box once I accepted that tools were not going to do it for me. :)

tips:

  • So. much. CTF. Accept it and your life will be easier
  • make friends with IPython so you can quickly test things and understand how they work
  • if your tools aren’t finding things during initial foothold, take a step back and think about how to invoke the tool to ask the right questions

All the other hints are already here. This style of box is usually not my thing but I really enjoyed this one. Well done @clubby789 - thank you!

I got a shell once. Then it screwed itself up. And now I can’t get it to run again. Is this thing supposed to be this weird with finickiness?

Managed to get a shell, now stuck trying to get user

Managed to get what I think is key, but do I need to use p***********.txt?

@Yoshi27 said:

Managed to get a shell, now stuck trying to get user

Managed to get what I think is key, but do I need to use p***********.txt?

The key is used to determine the password, which requires p***********.txt.

Spoiler Removed

Fun box! I enjoyed it.
PM is open if anyone needs it.

@133794m3r said:

Spoiler Removed

Hey,
the syntax error is most probably because of your encoding or how you are bypassing your code.

Cool box, nice straightforward hints :)
PM if you need a nudge

Rooted!!!
Fun Box.

Root is much easier than user. Hardest part is initial foothold.
There is all you need on this board (maybe even too much) to go till the end.

Once again root was insanely easier than initial foothold. I feel like the free tier boxes are just super flakey.

I’m having trouble copying the files from the remote box to my machine. scp keeps giving me connection refused. Should I just copy and paste? That doesn’t seem right.

Just started this box and already annoyed with finding the directory. Have run it through dirbuster, wfuzz, ffuf etc. without results. Can someone shoot me a nudge?

Edit - Once again, I was so close and just missed a stupid part. Thanks for the help everyone. Time to pull my hair out next looking for user.

@p4ncake said:

I’m having trouble copying the files from the remote box to my machine. scp keeps giving me connection refused. Should I just copy and paste? That doesn’t seem right.

If you want to just copy/paste it, encode it into base64 first.

I’m pretty confident about my ffuf syntax but I’m obviously missing something, could someone PM me? No fuzzer gives me any result. I want to move on already!

Edit: Nevermind… got it

Having trouble finding the .py file. Tried using dirbuster, dirb, wfuzz, ffuf, with almost every wordlist. Not sure what I am doing wrong. Can someone PM me, I would greatly appreciate it.

Rooted!
Nice box, forces us not only to read and understand source code, but also offers a good exercise in analyzing it, looking for vulnerable code and how to exploit it.

PM if you need some help

rooted

So this being my first box - quite enjoying it so far. However, got as far as the py code and know where the vuln is… just have no clue how to go about it! Any nudges are welcome :)

Rooted finally! Had a lot of fun with this one.
As others have mentioned, I found user to be much harder than root.

Some tips:

Foothold: How can you get somewhere else from where you are? Read the code carefully and understand what it’s doing. How can you make sure the server handles your request the way you intend it to?

User: Again, read the code. This is a common equation. Basic algebra helps here, write it out.

Root: Code will tell you everything, time is of the essence. What inputs do you have control over? Focus on that.

Any nudge?

Got the py file and modified it to run locally but not getting any output.