I got some weird problems on user:/
I got the shell and found interesting stuff on the machine. I reversed the Code to get the key. My Code works fine on a small test example and i get the correct key there.
But when using the files found on the machine neither my console nor vim can display the key correctly(mainly blank space output)
I downloaded the files, so there shouldnt be any display errors.
I didn’t have the same problems as you appear to be having, and I am working from memory here - but ISTR that the python script worked all by itself, just reverse the order and remember to cat the thing you need and decrypt.
(I only discovered that after trying to brute force it tbh)
I got some weird problems on user:/
I got the shell and found interesting stuff on the machine. I reversed the Code to get the key. My Code works fine on a small test example and i get the correct key there.
But when using the files found on the machine neither my console nor vim can display the key correctly(mainly blank space output)
I downloaded the files, so there shouldnt be any display errors.
I didn’t have the same problems as you appear to be having, and I am working from memory here - but ISTR that the python script worked all by itself, just reverse the order and remember to cat the thing you need and decrypt.
(I only discovered that after trying to brute force it tbh)
I don’t even have to write any code:D understood that now. Thx
Rooted …fun box, good learning experience thanks @MrG1337 & sholomotion4yah for your nudges My advice, if your stuck, just peruse through the posts they have all the hints you need and more… good luck lot
A clever one! Wrecked my head with simple and smart tricks. Kudos @clubby789!
Foothold: you know what you’re looking for, use that!
User: you can simulate locally if you want but you’ll be able to construct something usable without that once you get to that function that’s gonna allow you the RCE. Use the language. Once you get the RCE, read the decrypt code, it’ll show you how it’s done. Careful with the encoding.
Root: can be tricky as well, better get what you’re after in one go.
Also my 2cents about the discussion around how ‘easy’ a box is. As others pointed out, it depends on each and everyone of us and it’s not helpful. I certainly haven’t found it easy doing it, I found it smart/ original tho, but that can be subjective as well. So I suggest people stick to a template (foothold:… user[.]:… root:…) while adding objective metrics/ comment as much as possible.
foothold: examine the source carefully debugging locally is helpful
user: again examine source carefully, just write something to reverse it
root: as ppl have said before, you wont be quick enough doing it manually
I have found SSS.py in the secret directory but I’m not sure how to inject my own commands into ex**. Can someone PM me? I am able to show what I have tried so far. Respect up for grabs.
would really appreciate some guidance here! I managed to get a shell testing the sss.py locally but have no luck throwing it at the server? any tips here please?
I manually found the .py after using a specific well known attack involving dots and slashes using burp. I copied the code and made a local file, but I can’t get it to run, that is, it exits without response. Doesn’t throw errors either. It seems like people here are saying that’s a good way for the next step but I don’t have a clue on how to do that. Are there any sites that tell you how to use a file as a webserver I can go read? I don’t want spoilers, but I’m stuck. I’d like to know if the folder the file was in is necessary for the next step, as I got it manually and don’t know the folder name. I’m also sure I can do what’s necessary with burp, but when I try to escape I don’t get a response from the server (sometimes I get a bad request response though, so that’s the wrong angle).
I have the .py file as well, but not super familiar with python. I see where I might be able to inject code, but I don’t know how to go about it. Any help would be appreciated.
I am at this point. It my first time I require to do something like this. Research for the moment and I want to analyze the py.
I have the .py file as well, but not super familiar with python. I see where I might be able to inject code, but I don’t know how to go about it. Any help would be appreciated.
I am at this point. It my first time I require to do something like this. Research for the moment and I want to analyze the py.
I pm’d you, let me know if the info i gave you helps.
Hey, can anyone give me a nudge on the sss.py? Am I supposed to be doing percent encoding of a payload? And how am I supposed to test this locally? I see different classes and functions, but nothing calling them? How can I invoke to test? Please excuse my ignorance, I’m a n00b when it comes to python lol
Edit: okay, I figured out how to test locally, and assuming I’m heading the right direction, can anyone help me with escaping’ ? I’ve been trying every way I could find for hours with no luck
Hey, can anyone give me a nudge on the sss.py? Am I supposed to be doing percent encoding of a payload? And how am I supposed to test this locally? I see different classes and functions, but nothing calling them? How can I invoke to test? Please excuse my ignorance, I’m a n00b when it comes to python lol
Edit: okay, I figured out how to test locally, and assuming I’m heading the right direction, can anyone help me with escaping’ ? I’ve been trying every way I could find for hours with no luck
Just a tip for PY (I am on same page as you). Python files which contains classes and methods can not be executed unless you define a call statement. in other words and more visual: