Nest

1121315171837

Comments

  • Type your comment> @Equanimity said:

    Hi, I'm at the final stage, connecting with the LP obtained. I am using the .exe and the one argument a H..t.txt with the LP inside
    I'm getting an error
    Unexpected error: The specified domain does not exist or cannot be contacted.
    Any hints?

    you are getting in the car and trying to drive it, but it's complaining that it's missing parts....try getting out of the car and dismantling it. Then you'll know what part was missing but at that point it won't matter because you'll come across something else that will get you what you are looking for.

  • Can I get writeup of Nest Machine

  • Type your comment> @xInSanity said:

    a nudge for linux users : use telnet not nc for the other port
    you can delete if it considered a spam :)

    Thanks mate!

  • Root. Nest, yeah its nest. Huft.... PM me if you need help.

  • Stuck at the VB code. Tried using online compiler dotnetfiddle.net (no ouput despite adding code to do that, granted i dont know vb), as well as putting it all into Visual Studio - but hitting debug just opens settings. Not sure where to go from here, would appreciate any advice to get back on track - thx!

  • connected by Telnet but cannot browse to any files, not much options . only options I get

    LIST
    SETDIR
    RUNQUERY
    DEBUG
    HELP

    how did you guys manage to browse though telnet session ?

  • edited January 31

    @Titan555 said:
    connected by Telnet but cannot browse to any files, not much options . only options I get

    LIST
    SETDIR
    RUNQUERY
    DEBUG
    HELP

    how did you guys manage to browse though telnet session ?

    HELP <Command> is very helpful.

    limbernie
    Write-ups of retired machines

  • Happy to say I consolidated learning from this experience. I don't consider it CTF like despite the available crumbs left around which in a nutshell are basically the basics of enumeration.
    Root might be tricky if you have a mindset of reverse analyzing task.
    TBH I spent very much time on finding Notepad++ configuration tricks to open remote files but it was in vanes.
    thanks to @harleen for online compiler hint.

    clarkkent

  • Excellent machine @VbScrub !

    User1: the path is straightforward, enumerate , just don't stop, keep going.
    User2: do your manual changes, add two basic lines and there you got.

    Root, if you did it my way (Windows and Linux), you will spend more time on searching tools than on the rooting itself.
    Enumerate again with User2, and the same command used in Windows can be used in s*******t however, just by copying the empty file to Windows will not show the what you are looking for. Just ask the help of the tool you are using on the low port.
    Once you get that, back to high port and you will feel the freedom :)

    I found an excellent decompiler which revealed the whole project, I created my own code from that and added 1 line and 1 parameter, done!

    Feel free to PM me.

  • @Titan555 said:

    connected by Telnet but cannot browse to any files, not much options . only options I get

    LIST
    SETDIR
    RUNQUERY
    DEBUG
    HELP

    how did you guys manage to browse though telnet session ?

    What does the second entry in those commands do?

    If you have jumped to this port before the other one, you might be missing some crucial information.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Type your comment> @TazWake said:

    @Titan555 said:

    connected by Telnet but cannot browse to any files, not much options . only options I get

    LIST
    SETDIR
    RUNQUERY
    DEBUG
    HELP

    how did you guys manage to browse though telnet session ?

    What does the second entry in those commands do?

    If you have jumped to this port before the other one, you might be missing some crucial information.

  • @Titan555 said:
    Type your comment> @TazWake said:

    @Titan555 said:

    connected by Telnet but cannot browse to any files, not much options . only options I get

    LIST
    SETDIR
    RUNQUERY
    DEBUG
    HELP

    how did you guys manage to browse though telnet session ?

    What does the second entry in those commands do?

    If you have jumped to this port before the other one, you might be missing some crucial information.

    sorry I am still lost here... this machine is hard to crack...

  • @Titan555 said:

    @Titan555 said:
    Type your comment> @TazWake said:

    @Titan555 said:

    connected by Telnet but cannot browse to any files, not much options . only options I get

    LIST
    SETDIR
    RUNQUERY
    DEBUG
    HELP

    how did you guys manage to browse though telnet session ?

    What does the second entry in those commands do?

    If you have jumped to this port before the other one, you might be missing some crucial information.

    sorry I am still lost here... this machine is hard to crack...

    edit: got it , i can browse from telnet session...

  • @Titan555 said:

    edit: got it , i can browse from telnet session...

    Good. Make sure you have got all the information you need from the other port though.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Rooted. Thanks @VbScrub.

    Learned a lot. More machine to come and Good job for this machine @VbScrub.

  • I want knowledge how to own a machine

  • @hackempire said:

    I want knowledge how to own a machine

    Any machine? Start here: https://www.offensive-security.com/pwk-oscp/

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • can someone give me an hunt for the foothold? i have enumerated ports, services, i've got an interesting service, but it seems i can't do nothing with it

  • YAYYYYYYYYYYYYY :D :D :D
    I just got my first root flag and user flag
    (after countless hours of staring at the computer screen and wanting to bash my head with wall cuz of VB code :smile: and blank file :smile: Thanks :smile: )
    MY FIRST SYSTEMM YESSSS Without ASKING (well except the hints on this forum)

    Just wanted to brag cuz I dont have many friends lol xD

  • Type your comment> @Titan555 said:

    connected by Telnet but cannot browse to any files, not much options . only options I get

    LIST
    SETDIR
    RUNQUERY
    DEBUG
    HELP

    how did you guys manage to browse though telnet session ?

    There is another way you can browse the files on that server...enumerate, enumerate, enumerate!

  • my brain is hurting a lot XD
  • Rooted, fun box. A bit hard for me, considering that it is listed as easy.
    Thanks @VbScrub
  • Anyone open to PM to point me in the right direction? I will share everything I have gathered so far. Thanks

  • edited February 3

    removed

  • edited January 31

    Wow, what a challenge @VbScrub. Thank you for this box! :-D

    Finally root'ed as well and for me far from "easy" as mentioned before.

    Mainly as I have limited windows filesystem knowledge and would never have found the key to the 0 byte file without the hints here in the forum. Bit everything is in the pages here before. I didn't had to ask somebody by PM and I see this as a personal progress.

    Even after reading a lot about the "trick" behind it, as I'm working on a pure Linux machine, I was afraid that I wouldn't be able to get to the juice.
    But as a hint: you can do almost everything on the box itself. No need to spin up a Win-VM. It's all about knowing and understanding the commands you can use there. And here I learned a lot as well, so thank you again.

    Ah, and if you are thinking about how to disassamble windows executables, you may have a look at https://github.com/icsharpcode/AvaloniaILSpy
    Worked very well for me.

    If you need an little nudge anyway, you are welcome to send me PM with what you have tried so far

  • As said here what a fun and challenging box!

    User - Enumeration is key. Look at what you can do on the open ports. Here may lie some interesting files.

    Root - Again enumeration is key, maybe use some of the same methods as user (with some slight changes perhaps).

    Thanks @VbScrub for the box. Also thank you to @salt for the invaluable hints.

  • root dance - I did try to reverse the programs but I still need to learn. Thank you to someone in the forum for about a comment about streams, learn something new. My clue to help anyone along - if you have a break at the right place everything become clear so you don't need to add any lines (hope that makes sense to someone it is 0300hrs)

  • So i got to the user flag but when i put it in it says error. Is there an additional step or ADS that I am missing here?

  • edited February 1

    root...FINALLY...Holy crap, what a ride!

    Learned a crap ton, thanks @Vbscrub for the challenge, and to @ZloyObezyan, @chvancooten and @bigb0ss for the tips that helped me get there!

  • I got a encrypted root password, but the code which I'd used to decrypt the C.XXXXh password didn't work (it returned an error.).

    I think I should do something with HXXXXX.exe, but I have no experience of reverse engineering and it looks very difficult for me to reverse it and get a code from it.
    Did everyone get a code for decryption through reverse engineering .exe?

    stXXXXs command showed me some pieces of information but there was no usefil information...

Sign In to comment.