ForwardSlash

1457910

Comments

  • any nudge plz about the c****o ? I'm stuck :(

    Drxxx
    I wouldn't mind some +respect if I helped you ;)

  • @Drxxx said:

    any nudge plz about the c****o ? I'm stuck :(

    If you mean the python file, you can add code which brute forces it.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

    Currently have very limited HTB time but will try to respond as quickly as possible.

  • Type your comment> @TazWake said:

    @Drxxx said:

    any nudge plz about the c****o ? I'm stuck :(

    If you mean the python file, you can add code which brute forces it.

    Yes, I did that with rockyou list but failed all pass as keys

    Drxxx
    I wouldn't mind some +respect if I helped you ;)

  • @Drxxx said:

    Yes, I did that with rockyou list but failed all pass as keys

    Try a more brute force approach.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

    Currently have very limited HTB time but will try to respond as quickly as possible.

  • Type your comment> @TazWake said:

    @Drxxx said:

    Yes, I did that with rockyou list but failed all pass as keys

    Try a more brute force approach.

    bad idea. if rockyou dosen't work for you, you're doing something wrong.

    0x41

  • Type your comment> @TazWake said:

    @Drxxx said:

    Yes, I did that with rockyou list but failed all pass as keys

    Try a more brute force approach.

    @0x41 said:
    Type your comment> @TazWake said:

    @Drxxx said:

    Yes, I did that with rockyou list but failed all pass as keys

    Try a more brute force approach.

    bad idea. if rockyou dosen't work for you, you're doing something wrong.

    Thank you both a lot .. you're awesome .. Your both point of view is correct .. I was able to get it by both ways ... Thank you .. Insane Machine .. thanks for the creators @InfoSecJack & @chivato .. I have learned really a lot in those 2 days, I wish the attached mp3 wasn't empty;) .. I'm so interested in know if that image has another path to the solution ..

    Final step I had found it exist .. SO I have to undo what else leave behind and re-do the final step again .. then clean my work ..

    Drxxx
    I wouldn't mind some +respect if I helped you ;)

  • can anyone give me a hint on the python c****o either on a smarter way of attacking it, i'm having issue with brute forcing it, possibly python 2.7 vs 3 string processing reading from files

  • got /se****-s****s/. but no files..
    stuck for almost 2 hr!
    can anyone show me light?

    shaswata56
    ** Life is simple, we make it complex just out of curiosity **

  • Rooted, very nice box! PM for hints 😄
  • Really fun box - ended up using brute force on the c****o. Did anybody figure out the maths and solve it that way?

  • edited April 2020

    edit** I think I figured out what I was doing wrong on the c**** part.

  • Rooted. This was my first hard box root, and it was a doozy. Thanks to @InfoSecJack and @chivato for creating this machine!

    Giving hints here would kind of ruin what makes this box a challenging learning experience, so if you'd like a nudge, let me know what you've already tried and I can do my best to help out without spoiling the adventure too much.

    marlasthemage

  • Rooted. Big thanks for @EvilT0r13 and @sk4 for the nuggets.

  • edited April 2020

    Any nudge would be appreciated, I'm sure I'm overthinking something. I'm at b****p moving from c*** to p***. I can PM with the details

    anoNym1ty

  • Hi, which word list did u guys used to fuzz the xml file?

  • Type your comment> @c2m1 said:

    Really fun box - ended up using brute force on the c****o. Did anybody figure out the maths and solve it that way?

    I sorta did, if you want to PM I can explain

  • Nice box. A lot of effort to get from c->p
    Whether intentional or not, I got the required pre-req for root prior to p
    To me root was v simple then (9 minutes apparently, and some of that was reversing when I realised that one of the reasons I was in p was to submit the contents of a file).

    coldpenguin

  • Also having a real hard time with the c****o, could use a nudge. Tried a lot of python stuff, couldn't figure it out mathematically, BF also seems insane without another piece of information...

  • edited April 2020

    One of the boxes that it turned out to like quite a lot :)
    congratulations to the creators! :smile:

    Rayz

  • Hey i tried to bruteforce key with rockyou.txt but so far get nothing am i in right way?
  • found login/sign_up page b*****.***********h.b . and also found a dir d under it, 403 forbidden error, but stuck on that..couldn't move forward. Any help wiil be appreciated

  • Can anyone provide any direction for using the binary for user1 -> user2 ? Been looking at it in IDA but can't really understand how it can be abused.

  • @buhaytza2005 , use ltrace to figure out what it’s doing. Give it what it wants with what you want hidden underneath

    marlasthemage

  • edited April 2020

    I haven't (quite) gotten user yet, but I already love this box!

    I have just (theoretically) broken the cipher, will code a cracker tomorrow.
    To all: Don't be intimidated by the cipher, it's relatively easy to crack and really satisfying!
    It's all about writing the encryption method down in a such a way, that you can see the pattern. I've written it down in a mathematical notation, which took a little thinking, but then I almost immediately saw the pattern on how to crack it.

    Great box so far! Thanks for this box and for the idea with the custom encryption @InfoSecJack and @chivato! Respect incoming!

    Turns out I made a mistake. The cipher reveals something but I was unable to break it in the strictest sense. That being said it is weak to dict attacks.
    Pay attention to the input though. There is a small detail that you need to take care of, otherwise decrypting won't work.

    Hack The Box

  • Finally got root after a few days of working on it. What a trip, this box was fun start to finish. If you need a nudge PM on HTB not forum.
  • edited April 2020

    need help,

    i found LFI and get get c*****.php mysql password of www-data and get a**.php but i don't know how to use that password..

    should i get more file from server or enumerate further..
    it is my first hard machine..

    thanks

    edit: rooted :) thanks for helping me @zard and others for nudge PM

  • Whoops. Turned out that pattern I saw in the crypto gave me some information but not (yet?) all. Will still do some work on this.

    Hack The Box

  • Any nudges about b***** crypto breaking?

  • Type your comment> @hasky said:

    need help,

    i found LFI and get get c*****.php mysql password of www-data and get a**.php but i don't know how to use that password..

    should i get more file from server or enumerate further..
    it is my first hard machine..

    thanks

    you need to go deeper and find files/directories on the host you're searching for.

  • Type your comment> @targodan said:

    Whoops. Turned out that pattern I saw in the crypto gave me some information but not (yet?) all. Will still do some work on this.

    i would say you have what you need:) its a weak cypher.

    Rayz

Sign In to comment.