Obscurity

A lot of head banging at the beginning, but finally rooted. Thanks @clubby789 for the challenge and fun!!

PM me for hints, more than happy to help!

Rooted. I was really thinking way too hard for Root. Thanks N0tAC0p for his help.

If you need help PM for hints.

Rooted, though I’m pretty sure I completed it in the “wrong way”. Loved the path to user!

Rooted with the help of @drdsol92. Good box to really learn python scripting . Dm me if u need help

Rooted! Root was easy:)

i dont understand the run it locally part, any help?

Nice little box. Learned a thing or two about the snake scripting. I do have one thing to say to the butchers who change the B**********H.py. May you suffer bitrot on all your backups and your hard disk heads crash.

For the rest of you, if you find that the B**********H.py has been changed by a script kiddie butcher wannabe you have to reset the box.

A hint for getting root. They say two hands halve the work. So do two connections.

wohoo

root@obscure:~# id;hostname
uid=0(root) gid=0(root) groups=0(root)
obscure

Initial foothold was a nightmare. I realized how to need to fuzz, but all “default” tools not worked fine for me… Then I found one in githab written in go.
User and Root was very interesting. Python debug tool will help

God i’m really struggling, this is my first box, I was able to find the SSS.py file, found the weak point in the python code and have been trying to get a shell for hours and hours, would someone be able to look at my injection and give me a nudge as to whether i’m going in the right direction? i’m trying to invoke command line execution with os.s***** and i’m not sure what i’m doing wrong :confused:

I found the file and found the function to exploit, also found some xss but can’t find a way to get the shell… Been stucked for hours, if anyone can help me on that dm me please!
Thanks!

Rooted,
Initial foothold ( fuzz ) was bit tricky, moving forward exploit, user and root is all about reading the code and using the holes found with in the code.

PM me for a nudge.

w0000t finally:

root@obscure:~# id;hostname
uid=0(root) gid=0(root) groups=0(root)
obscure

HUGE thanks to @Locutus ! <3 Feel free to PM for hints.

Im strugling with user. I have found a py scrypt that does some encryption and decryption. I have added a crack function to the script, but the key I get is only in the extended ascii table and looks very wrong to me. Can someone help me and maybe take a look at my crack function?

edit: A hit from Enpassant helped me out.
edit2: Got user and root. User was the hardest part for me, but I learned something about ascii and encoding :slight_smile:

can someone pm me a nudge on the initial foothold… have tried gobuster dirb dirbuster fuff wfuzz burp…

  • ignore, i found it

Oh man finally rooted…!!!
This box was really good…
Initial foothold: Try making a bash script for wget-ing the file
User: This is a little tricky but the solution is really very easy
Root: Straight forward… read the script and then create your own script

DM me for nudges… :slight_smile:

i’m having problems with the py… can anyone help me in here? thanks in advance

Any chance someone can PM for assistance with the "e**c’ function in the first .py? I am obviously not understanding it and could use some guidance.

Can someone give me a nudge, I found a way to inject something but I don’t know how to get shell.

@Inss said:

Can someone give me a nudge, I found a way to inject something but I don’t know how to get shell.

It depends on how you have found a way to inject something but, you could look at creating a reverse shell using the language of the application you are injecting into.

Type your comment> @TazWake said:

@Inss said:

Can someone give me a nudge, I found a way to inject something but I don’t know how to get shell.

It depends on how you have found a way to inject something but, you could look at creating a reverse shell using the language of the application you are injecting into.

I got it, thanks for reply tho :smiley: