It’s too easy for me to try to solve it
I am fascinated that there are still no user bloods. I am going to take that as a sign I should avoid it for months …
Type your comment> @TazWake said:
I am fascinated that there are still no user bloods. I am going to take that as a sign I should avoid it for months …
This statement scares me – especially from someone with 36x more points than I have!
@ricm916 said:
This statement scares me – especially from someone with 36x more points than I have!
I’ve been lucky - I really suck at binary exploitation!
@TazWake said:
@ricm916 said:
This statement scares me – especially from someone with 36x more points than I have!
I’ve been lucky - I really suck at binary exploitation!
And this machine is taking binexp to a whole new level
The initial vulnerability can be spotted easily, but now I have to read quite a lot how to actually exploit that “technology” O.o
I have the vague picture of what I need to do, but man there’s going to be a lot of blog reading if I want to get anywhere here.
Type your comment> @TazWake said:
I am fascinated that there are still no user bloods. I am going to take that as a sign I should avoid it for months …
HAHAHAHA funny comment xD
Type your comment> @TazWake said:
I am fascinated that there are still no user bloods. I am going to take that as a sign I should avoid it for months …
Ahahahahahah!!! ? ? ?
Are we sure the download needs to be bin exploited?
Has anyone done a bindiff between the download and the ropetwo download?
fulcrum and hackback as far as i can tell WERE the two longest bloods to get. This box has put them to shame.
Got a local exploit working. On to remote. Good luck if you’re just now starting - lots to learn with this one!
@sparkla said:
There go my dreams of “having a chance because everyone else gave up”.
And there they are completely gone, now
Box has been rooted (in an unintended way, though)
@HomeSen said:
Box has been rooted (in an unintended way, though)
Unintended ways are my favourite way. They give me hope being able to do it…
@TazWake said:
@HomeSen said:
Box has been rooted (in an unintended way, though)
Unintended ways are my favourite way. They give me hope being able to do it…
They just fixed it, and are now rolling out new machines.
Meanwhile, I am reading blog posts about “Careful children’s shoes” (translated by Chrome from Chinese to English), without really knowing what Chrome is trying to tell me by that
I love it that one person rated root difficulty as “Piece of cake”
Type your comment> @bigFish43 said:
I love it that one person rated user and root difficulty as “Piece of cake”
lol, so the box is from a scale of piece of cake to brain ■■■■.
For 2 days now I have been looking for ways to attack the box, but there is no result. I will be very glad to any hints. Never sat 2 days without a foothold
@GreyParzival said:
For 2 days now I have been looking for ways to attack the box, but there is no result. I will be very glad to any hints. Never sat 2 days without a foothold
Check what the box has to offer, compile it, and then you’ll probably have to research a lot about the topic
The foothold is really hard, but well worth the effort for how rewarding it is. The step to user however looks like a whole other level. I’m going to be here a while lol.
Edit: For anyone starting out, the best tip I can give is: Ubuntu, fetch, revert, patch, compile
@sparkla said:
@HomeSen said:
Check what the box has to offer, compile it, and then you’ll probably have to research a lot about the topicYour comment saved me a week and at least 5k grey hair.
Don’t make my mistakes and try to compile on Kali. I at least miss some build packages and need to start over completely…
I used a freshly installed Debian 10 VM for that (with 4 vCores and 8GB of RAM) and it took ~30mins (plus the time to install and configure Debian and the according packages)