spade
April 4, 2018, 3:04am
1
Hi there,
after enumerating this fortress i noticed the two ports which is just like on Pwn Challenges. however, it doesnt have any file given on this Fortress Machine. can anybody there give me some hint/tips/clue that might be helpful to continue just want some ideas to kick off.
Feel free to PM me here and mattermost (same username)
Cryo
April 6, 2018, 3:14pm
2
I’ve Pm’d you, if anyone could give me a push in the right direction on the method to bypass authentication I’d be stoked. Been stuck on this one for a bit.
anyone who has command able to PM me wondering if im on the right track
Cryo
April 12, 2018, 1:17am
4
@Vipertooth said:
anyone who has command able to PM me wondering if im on the right track
Shoot me a message and I’ll try to steer you without spoilers
please can I have a hint of where to find the files, I tried alot of stuff so I think I must be missing something.
peek
April 19, 2018, 7:40pm
6
im stuck at elasticity, i know why it’s called elasticity, but cant get flag.
peek
April 20, 2018, 3:38pm
7
could someone confirm which port is right and if it has been patched or no ?
Anyone get anywhere with elasticity? stuck and need a idea.
how come fortress is so underrated in forums?
I do enjoy the hints in the progress page.
Can someone pls give me a nudge on elasticity? I only managed to find two parameters that give me some queries back but then i am stuck. Tried the obvious exploit with all kind of different methods but no luck
v3ga
June 1, 2018, 11:11pm
12
I am dying on this fortress, if anyone has a spare moment love to pick le brain. I am the same name on mattermost
Can anyone confirm if the Command part still in the web part ? or have any hint ? i’m stucked in this part for days
egre55
August 3, 2018, 8:33pm
14
it might help if you inspect the traffic you’re sending to any of the services
@cdoisponto
anyone able to PM me on the overflown flag, struggling to find the application to overflow? if thats it at all aha
dodo
August 10, 2018, 2:32pm
16
@badman89 said:
anyone able to PM me on the overflown flag, struggling to find the application to overflow? if thats it at all aha
I’m at t that point too! I think that is the leak
file…but I’m not sure
@egre55 said:
it might help if you inspect the traffic you’re sending to any of the services
@cdoisponto
Yes, done! thanks … hahaha I did not know this vuln.
m0nek
August 14, 2018, 7:56am
18
should everything be done in this order?
Digging in…
Going Deeper
Bypassing Authentication
Command
Overflown
Secret Message
Elasticity
Member Manager
More Secrets
Memo
found some things, dont know which order should i dig in
dodo
August 14, 2018, 9:22am
19
@m0nek said:
should everything be done in this order?
Digging in…
Going Deeper
Bypassing Authentication
Command
Overflown
Secret Message
Elasticity
Member Manager
More Secrets
Memo
found some things, dont know which order should i dig in
For the initial flags (Connect
to Command
) the order is important and is an obligatory path.
But for the other challenges the order is not strict
m0nek
August 14, 2018, 10:42am
20
Thanks, what i cant understand is why i can see overflow tasks even if i havent passed starting from “Digging in” ? Or maybe i need a hint? thanks!