ImageTok

edited June 2020 in Challenges

Me and @makelarisjr had a blast developing this challenge, hope you like it! Have fun!

Tagged:

Comments

  • Nah... Amazing information asymmetry. Again <3

    If you need help with something, PM me how far you've got already and what you've tried. I won't respond to profile comments. And remember to +respect me if I helped you <3

  • edited June 2020

    such a headache. at least i know it must be something really obscure, 24 hours after release still no blood
    EDIT: well i got past one thing, but i have no idea what to do now. i would appreciate a nudge from someone :T

    EDIT: holy shit what a ride! after days of working almost non stop, someone told me that the new download package with the docker files was available now and i spotted the thing i missed. only 10 hours later here i am :P
    mad respect for this box, man. i loved every second of it (even the pailful bits)

    0x41

  • Just finished, amazing challenge. Probably one of the most realistic challenges I've seen, nothing stands out as 'Exploit me!' until you look deep.

    clubby789

    • GCIH | GCIA
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • @clubby789 can you please tell me how to get start with this? It would be really helpful for me
  • Spoiler Removed

    joeblogg801

  • Spoiler? I did not post any spoilers.

    joeblogg801

  • Are files part of the challenge?

    I'm completely new to Hack the box.
    I'm trying the imagetok challenge.

    I just wonder if the files that are available for download are a part of the challenge? or is it just for running the challenge locally?

    I ask because I don't want to find the solution from the source code if I'm not supposed to

  • @carmel said:

    Are files part of the challenge?

    I'm completely new to Hack the box.
    I'm trying the imagetok challenge.

    I just wonder if the files that are available for download are a part of the challenge? or is it just for running the challenge locally?

    I ask because I don't want to find the solution from the source code if I'm not supposed to

    In general, everything provided by a challenge is also part of the challenge. All challenges are there to teach you some cool techniques, and sometimes to teach you basics. But they are are definitely made to make you throw random stuff against a website (especially when the challenge is about a rather obscure, lesser-known technique). And that is why you often get some kind of hint: sometimes just a few words, sometimes the source code of (part of) the web application.


    Hack The Box
    GREM | OSCE | GASF | eJPT

  • Anybody else getting weird error on the docker build script? " codeload.github.com bad address"

    -Keep Learning
  • edited January 12

    Is anyone able to give me a little bit of help with this challenge? I have been working on this for a while (and loving it!) and believe I have all of the pieces required (which are many!) and can prove them on my local Docker instance, but there are a couple of things I simply can't find a way past. I'm either over-complicating it, or just missing something obvious. I've put so much time into this, and learnt so much, but I really want to finish it off. I'm happy to explain everything I've done, if someone is able to spare a few moments to help me. Anyone willing to DM?

    Update - now finally solved after a couple of hints from a kind soul. Huge respect to @makelaris for such a fantastic challenge. Learnt a lot from this one.

  • Type your comment> @zauxzaux said:

    Anybody else getting weird error on the docker build script? " codeload.github.com bad address"

    I wasn't able to build the docker image, it prints:

    #9 13.95 config.status: executing depfiles commands
    #9 14.11 config.status: error: in `/tmp/curl-7.70.0':
    #9 14.11 config.status: error: Something went wrong bootstrapping makefile fragments
    #9 14.11     for automatic dependency tracking.  If GNU make was not used, consider
    #9 14.11     re-running the configure script with MAKE="gmake" (or whatever is
    #9 14.11     necessary).  You can also try re-running configure with the
    #9 14.11     '--disable-dependency-tracking' option to at least be able to build
    #9 14.11     the package (albeit without support for automatic dependency tracking).
    #9 14.11 See `config.log' for more details
    ------
    executor failed running [/bin/sh -c wget https://curl.haxx.se/download/curl-7.70.0.tar.gz && tar xfz curl-7.70.0.tar.gz     && cd curl-7.70.0/ && ./configure --with-ssl     && make -j 16 && make install]: exit code: 1
    

    I also have tried the suggestion to re-running the configure with the --disable-dependency-tracking option, but still no luck.

Sign In to comment.