Bankrobber

Hi,
I explored this machine for a while (Last two days). I checked several things starting, as usual, what is open and what is close. For each open I discard, for the moment, most of the “opens” and I dig a lot with one of them. Basically playing with money and figure out how to leverage this. So, if anyone could give some nudges I will appreciate. I am still a noob and my immagination is still place me in hole rabbits. I just need an idea to explore. Unfortunately I can explain my findings here to avoid an spoiler. Thanks guys.

Finally root! I had a lot of fun and learned a lot, thanks @Gioo & @Cneeliz!

I am having an issue with b************.**p

Please DM for any nudges

I’m stuck with the initial foothold.

Looking at the message when submitting the form after logging in as a user, I guess there is a vuln that can exploit the admin’s browser, but no vuln is found yet.

Type your comment> @pinkyghost said:

I’m stuck with the initial foothold.

Looking at the message when submitting the form after logging in as a user, I guess there is a vuln that can exploit the admin’s browser, but no vuln is found yet.

I am on the same stage. I tested many things. Even stupid ones. Now, I am evaluating one possibility pointed by some users. But I need to learn a bit. It is something new for me. But for the moment, what I read give some ideas and where to focus. The main idea, usually, is modify the normal behaviour. Easy to say :tired_face:

Rooted.

There was nothing wrong with what I was doing. The reaction was slower and unstable than I had imagined when reading this forum, so I didn’t realize I was on the right path.

The initial foothold does not require complex skills. All you need is patience. If something goes wrong, be patient and keep on the right path.
Or you may need to reset.

Well, after one week tring several things and getting some interesting nudges I got access to the account with ***.tx.

I exploring it using s*** function and b******* function. From the GUI and directly using bu***. Unsuccesful. I tried to switch to other ennumeration methods using the credentials I found here but again unsuccesful. I dont’ think it is about ip spoofing. But if someone could give a clue, I will appreciate it. Did I forgot any step? Maybe the text information is an important clue?

thank you

I have the same problem as you. Only other balances can be enumerated after user login is created. Don’t know how to proceed, have you bypassed? Ask for hints. Just want you to give me a hint?

Been stuck on the ::1 for hours now, tried changing origin etc with burp but to no avail. Any nudges on how to proceed are welcome!

this box is not stable. x** doesn’t always get triggered, user shell disconnects without any reason, b****2.e dies while trying to exploit and it wont recover so you have to reset and wait for x again… I felt like i was doing a side quest in a game.

Edit: also there is a chance that you can get an error page with my**l password visible if you are fast enough after reset.

I am stuck with getting shell. any help please DM. I got to the a**** page and try x**. sometimes I get responses and sometimes not.

Got response from the box twice this morning in a 5 minute period. Been trying with the same method since and not getting any response at all. Machine has been reset. Seemed to work for a short period yesterday evening too. Very frustrating to make progress when there is no consistency in response times.

This is the first box I solved, thank you all.

Rooted … very nice machine. Machine is stable in contrast to what others say. Yes, the exe will crash if you put in too much, and yes you will have to reboot. Big deal, it’s your own fault and then you immediately know what to do (almost real live) :wink: And yes it takes about a minute before the event in your X… is kicked off. Take some coffee and setup your second listner, create your msfv… e… and your smbse… in the mean time. This machine would not look out of place in the OSCP lab as a hard machine. Lot’s of fun…Well done (goed gedaan) @Gioo & @Cneeliz!

.

Type your comment> @HESL said:

This machine would not look out of place in the OSCP lab as a hard machine.

The foothold is literally in the PWK course :slight_smile:

Type your comment> @HESL said:

Rooted … very nice machine. Machine is stable in contrast to what others say. Yes, the exe will crash if you put in too much, and yes you will have to reboot. Big deal, it’s your own fault and then you immediately know what to do (almost real live) :wink: And yes it takes about a minute before the event in your X… is kicked off. Take some coffee and setup your second listner, create your msfv… e… and your smbse… in the mean time. This machine would not look out of place in the OSCP lab as a hard machine. Lot’s of fun…Well done (goed gedaan) @Gioo & @Cneeliz!

And what happens if someone left the machine with that exe crashed and you find it at that state? I will tell you what, hours of enumeration without finding anything before you finally decide to reset.

I know it is my fault to crash it but my point was it should recover.

Can someone give me a push in the right direction? on the s**** i could read the sourcecodes of all the h files in the webroot and checked the source of the b*************.

I changed what ever i (think) i can in the requests and for the love of god i can’t get it to do what i want… Am i on the right track ?

Type your comment> @onurshin said:

Type your comment> @HESL said:

Rooted … very nice machine. Machine is stable in contrast to what others say. Yes, the exe will crash if you put in too much, and yes you will have to reboot. Big deal, it’s your own fault and then you immediately know what to do (almost real live) :wink: And yes it takes about a minute before the event in your X… is kicked off. Take some coffee and setup your second listner, create your msfv… e… and your smbse… in the mean time. This machine would not look out of place in the OSCP lab as a hard machine. Lot’s of fun…Well done (goed gedaan) @Gioo & @Cneeliz!

And what happens if someone left the machine with that exe crashed and you find it at that state? I will tell you what, hours of enumeration without finding anything before you finally decide to reset.

I know it is my fault to crash it but my point was it should recover.

I guess it try to show possible real scenario where some app are not well designed. You can call to the company and tell them: Hey dudes, I am trying to hack you and your fucking exe is hang. please could you inform your developer to do better his job. I am an important hacker and I cannot waste time with this kind of issues :smiley: :smiley: #joke.

I also experienced this many times. Breath.

Need help on user :')