foothold:
fuzz what you don’t know, once you get it. you will see the window.
replicate the process to see where the rocks you throw land.
once you know, it’s just a matter of syntax
user:
with everything I have at home what can i deduce about this?
it’s not hard math, really it’s more similar to deducing that if
3 + 2 = 5 then 5 - 3 must equal 2
root:
if you say the magic word the only way you know
something random is going to happen somewhere very specific
might want to throw a net rather then trying to catch it by hand.
@lolotlse said:
Hi all
I dont understand but the shell was not stable
I obtain that
invalid syntax (, line 1)
EOL while scanning string literal (, line 1)
and cannot navigate normally did somebody could be help me if not have this.
thanks for your help
ok good im not the only one, and i thought it was my rig, but clearly its not…happy about that but frustratingly annoying cant get anything done, could someone fix this issue tried reset didnt work
Just a small note to self on the user part, download files rather than copy/paste from terminal. It did the trick for me, but did cost me several hours of headscratching!!
My first attempt on doing python… really neat and fun. have you done some programming before and understand code principles and logic, this should be quite easy.
I kept reading that root was “easy” … WTF? There’s some serious skill in this forum that people are taking for granted.
Sure, it was easy compared to the dirty trick that I had to realize to get user and with the help of this forum and having all required skills before hand, but I still had to:
Read the language of snakes.
Write the ancient language of penguins.
Use a power word to ask the Dark God of penguins and androids to grant me his might.
Ask for the help of my good friend John after translating to separate things for him.
It took me the afternoon and I had the correct general idea of what I had to do before starting. What the ■■■■ do you guys consider “easy”??? I can believe that somebody did all this in 30 minutes without any help.
If you don’t have even one of the mentioned skills you are severely ■■■■.
Bit of advise if you keep stumbling at the very beginning: understand your syntax for your commands. specifically understand the differences between -hs and -hc if you use a specific tool.
It might save you some time and frustration that all of us know when you find out you made a typo after hours of debugging
I got some weird problems on user:/
I got the shell and found interesting stuff on the machine. I reversed the Code to get the key. My Code works fine on a small test example and i get the correct key there.
But when using the files found on the machine neither my console nor vim can display the key correctly(mainly blank space output)
I downloaded the files, so there shouldnt be any display errors.
I got some weird problems on user:/
I got the shell and found interesting stuff on the machine. I reversed the Code to get the key. My Code works fine on a small test example and i get the correct key there.
But when using the files found on the machine neither my console nor vim can display the key correctly(mainly blank space output)
I downloaded the files, so there shouldnt be any display errors.
I didn’t have the same problems as you appear to be having, and I am working from memory here - but ISTR that the python script worked all by itself, just reverse the order and remember to cat the thing you need and decrypt.
(I only discovered that after trying to brute force it tbh)
I got some weird problems on user:/
I got the shell and found interesting stuff on the machine. I reversed the Code to get the key. My Code works fine on a small test example and i get the correct key there.
But when using the files found on the machine neither my console nor vim can display the key correctly(mainly blank space output)
I downloaded the files, so there shouldnt be any display errors.
I didn’t have the same problems as you appear to be having, and I am working from memory here - but ISTR that the python script worked all by itself, just reverse the order and remember to cat the thing you need and decrypt.
(I only discovered that after trying to brute force it tbh)
I don’t even have to write any code:D understood that now. Thx
Rooted …fun box, good learning experience thanks @MrG1337 & sholomotion4yah for your nudges My advice, if your stuck, just peruse through the posts they have all the hints you need and more… good luck lot
A clever one! Wrecked my head with simple and smart tricks. Kudos @clubby789!
Foothold: you know what you’re looking for, use that!
User: you can simulate locally if you want but you’ll be able to construct something usable without that once you get to that function that’s gonna allow you the RCE. Use the language. Once you get the RCE, read the decrypt code, it’ll show you how it’s done. Careful with the encoding.
Root: can be tricky as well, better get what you’re after in one go.
Also my 2cents about the discussion around how ‘easy’ a box is. As others pointed out, it depends on each and everyone of us and it’s not helpful. I certainly haven’t found it easy doing it, I found it smart/ original tho, but that can be subjective as well. So I suggest people stick to a template (foothold:… user[.]:… root:…) while adding objective metrics/ comment as much as possible.