Nest

@kalitkd said:

someone for a little nudge??

Enumerate.

Type your comment> @TazWake said:

@kalitkd said:

someone for a little nudge??

Enumerate.

is not about that…

@kalitkd said:

is not about that…

But it was a little nudge.

Great box, thanks @VbScrub !

Initially did it with unintended method but I’m glad I re-did it with intended. Learned some new Windows stuff I never knew even was possible.

As others have said, I definitely feel this box deserves a higher difficulty rating. For me it was a bit similar to Obscurity so I would give it a Medium.

Type your comment> @TazWake said:

You need to dig into more of the files around where you found that hash. Read them in detail and check what they point to.

If you find one mentions a place you can access, access it and enumerate more. Here you can understand enough to turn the hash into something you can actually use.

in one of the files there are paths to a dir I can’t access yet. I overlooked something, I guess :smiley: Will try harder …

Finally rooted the intended way, superb box @VbScrub! As people have mentioned would definitely classify this as a medium, but it is definitely one of the more fun and rewarding boxes I have pwned. A variety of skills are required, and you might have to brush up on some knowledge as well. You’ll learn!

User: Don’t worry about poppin’ shellz, that’s not happening until root. Read everything carefully. If you think a room is too dark to go in, keep going! (But careful reading might get you your flashlight). The last step to user requires some skills that hide in the author’s name.

Root: The file you find is obviously interesting, but where are Are Dis Stuff?? Once you got access to the service, you unlock some cool functionality. Don’t stray too far - and don’t forget what you’ve seen. Combine this with what you had before and profit!

PM for nudges :slight_smile:

@theonemcp said:

in one of the files there are paths to a dir I can’t access yet. I overlooked something, I guess :smiley: Will try harder …

Make 100% sure you cant access it. You might be surprised.

Guys any hint how to decode that weird Base46 for C… user?

Type your comment> @ZeWanderer said:

So I found a temp username and password but when I try to use it I get a “Failed to connect with smb1 – no workgroup available” error. A nudge would be appreciated

Hi, I am at this point. I login with this user. And I it works with other connection native in Windows (not sure what can we reveal here). But I am a bit stucked because I am new and I don’t know taking advantage what I found. Anybody do it via bruteforce techniques?

@clubby789 said:
Got user intended method, really interesting!

What is intededed method? :slight_smile:

Finally rooted for second time :smiley:

I don’t know why the ‘chef’ can bake the first bread but not the second? I got weird result when bake the second bread.

The ‘basic’ online compiler somehow not worked for me.

So, because I don’t really familiar with ‘basic’ stuff, then I rewrite it into ‘sharp’ things, and it worked.

And I do it all in linux, btw.

Great box @VbScrub
Btw you are welcome.

EDIT:
The ‘chef’ actually can do the job for all cake. My mistake, pouring wrong ingredients.

Type your comment> @S4lem said:

Guys any hint how to decode that weird Base46 for C… user?

You should be able to find what this user has been working on - and if you don’t see something, it doesn’t mean it’s not there.

Rooted. Very good box. Not so easy for begineer especially with programming. Thanks you very much for this content, i learned very good things.

Spoiler Removed

@TazWake LOL

rooted.

this box is not easy (intended way).
hint to all (user,root) : D3BUG !

Love the box btw @VbScrub, I hate windows, been voiding it for a while, this one’s actually fun for me :slight_smile:

And done!

Definitely not an easy one. Admins should take all comments into account and do something or at least to plan for future cases like this one.
Done it in intended way (as it is only possible way now :slight_smile: )

@VbScrub Nice box. Very good learning experience.

Spoiler Removed

@squirrelpizza said:

Does anyone have a nudge as how to make the srp* run?

You where on the right track using VS. Try debug/learn what the program is actually doing. Once you understand how its doing its cryptomagic, try to figure out how you can reuse whats in front of you to return what you want.