Fatty

@an0n said:
has anyone managed to compile the decompiled version, or is it easier to write a client from scratch (using the decompiled source)?

It requires some manual tweaking, but I found it easier to import the decompiled client into Eclipse, manipulate it directly and then re-compile it using Maven.

@HomeSen said:

@an0n said:
has anyone managed to compile the decompiled version, or is it easier to write a client from scratch (using the decompiled source)?

It requires some manual tweaking, but I found it easier to import the decompiled client into Eclipse, manipulate it directly and then re-compile it using Maven.

thx, had some trouble with Eclipse, using pure Maven (after some minor tweaking) solved the issues.

Alternatively, you could modify java bytecode with recaf

Type your comment> @an0n said:

has anyone managed to compile the decompiled version, or is it easier to write a client from scratch (using the decompiled source)?

@flk said:
Alternatively, you could modify java bytecode with recaf

Thank you. I ran into issues with Eclipse. Installed, however, get errors when I try to open anything.

@Hackalicious said:
Type your comment> @an0n said:

has anyone managed to compile the decompiled version, or is it easier to write a client from scratch (using the decompiled source)?

@flk said:
Alternatively, you could modify java bytecode with recaf

Thank you. I ran into issues with Eclipse. Installed, however, get errors when I try to open anything.

use cmdline maven (after arranging everything to their appropriate folders).

That box stung a bit. Root seemed fairly intuitive. Everything before took me a very long time to get everything aligned and perfect, was out of my comfort zone big time with regards to a lot of the stuff needed to get user. This box made me rage and swear a bit but I can’t blame it for that. Solid learning experience for me. Thanks to all who helped point out my flaws. Good job with this one @qtc

Ok - this box is difficult. I struggled getting the basic version 8 package installed :smile: I might have to go back to waiting until it is retired :sweat_smile:

Guys,
Anyone could give me a little nudge to start root?
I am stuck for 4 days trying to figure out where a weakness is, no way to find it.

Has anyone anyone been able to download that file from the server without writing code?
If so i woulde love to hear how, Ive been struggling to get anything utilising socat and ssldump

This box is INSANE !!

can anyone assist with “not fully implemented” issue?
Please PM.

Got user though I spent a long time trying to bash my way through to a shell, which just gave me a headache.

No idea about root, I guess that the ‘join the dots’ hint is best understood once you have cracked it.

@bobd91 said:

Got user though I spent a long time trying to bash my way through to a shell, which just gave me a headache.

No idea about root, I guess that the ‘join the dots’ hint is best understood once you have cracked it.

Once you got user you must understand where you are, then do some usual enumeration and try to make hypothesis about what you found could do.

any help to download the fatty-S****r?

Got root!

I got to within touching distance fairly quickly but I just couldn’t quite see how it was going to work. In the end I needed a lot of help.

Thanks to @snuggles for confirming that I was going in the right direction and to @yb4Iym8f88 and @Driikolu for helping me see the last bit.

When i run the *.jar file it gives me " Connection Error" i have updated the XML with P**T and done require changes. pls guide me where i am doing wrong.

Type your comment> @Igotyou said:

When i run the *.jar file it gives me " Connection Error" i have updated the XML with P**T and done require changes. pls guide me where i am doing wrong.

Sounds like you may have done something that broke it. Feel free to message me if you need help. I got you :slight_smile:

Does anyone know article about getting proper tty, with some unusual methods? In this box it is pretty hard and, i hope, will be very useful in enum.

Type your comment> @yb4Iym8f88 said:

Finally got it. User part is ideal to feel what is the OSWE exam , and even a bit harder.
Thanx to @moszkva to root hint – stuck for weeks with it.

Pm you ? I have a few doubts

Got user a long time ago, got back on it now, but I still can’t see which direction to go for root. No uid binaries, only services running as root are hd and cd. The first doesnt look vulnerable, second does some wierd thing, but I cant see how I’d exploit it. Or am I looking at the wrong root and is it outside the current er con*? Small nudge would be appreciated.