Official Intense Discussion

Type your comment> @HomeSen said:

@k4u5h1k said:

Having a headache reverse engineering the second part after the dot

Not sure what you are trying to reverse engineer on the part behind the dot. You have the source, so you should be able to simply see what it is about.

But you can’t calc the 2nd part without knowing the value.

@ps9786 said:

@HomeSen said:

@k4u5h1k said:

Having a headache reverse engineering the second part after the dot

Not sure what you are trying to reverse engineer on the part behind the dot. You have the source, so you should be able to simply see what it is about.

But you can’t calc the 2nd part without knowing the value.

Well, that’s the actual challenge. Looking at how it is constructed, there is a way to “bypass” it :wink:

First Hard box im trying, and need some help. can someone pm please? :blush:

Got root.
Thank you @sokafr for such a nice box. Enjoyed analyzing python code.

@dayld congratz ! I’m glad you enjoyed it :slight_smile:

I’m stuck, I’ve managed to get a hash, but I can’t crack it. Can anyone give me any clues?

Rooted!!
The root and user part are quite different than the usual machines.

HInts:

For user part, you’ll find something vulnerable at webapp, use that and read the zip file very carefully …all you need is in those scripts, there is an attack that is unheard of…gotta make your own script .
For root part, sometimes when you can’t get to the other end of a river through a bridge, then maybe you could make a tunnel with your B*F weapons.

I hope i have not spoiled anything!! Feel free to pm me…

@CyberVaca said:
I’m stuck, I’ve managed to get a hash, but I can’t crack it. Can anyone give me any clues?

You don’t need to crack it. Look into other attacks against cryptographic hashes.

Type your comment> @metuldann said:

@CyberVaca said:
I’m stuck, I’ve managed to get a hash, but I can’t crack it. Can anyone give me any clues?

You don’t need to crack it. Look into other attacks against cryptographic hashes.

@metuldann said:

@CyberVaca said:
I’m stuck, I’ve managed to get a hash, but I can’t crack it. Can anyone give me any clues?

You don’t need to crack it. Look into other attacks against cryptographic hashes.

Ok, thx u. :wink:

Spoiler Removed

Spoiler Removed

Type your comment> @k4u5h1k said:

Type your comment> @WhosYourPaPa said:

i stuck at how can execute two Sqlite SQL. the sqlite execute mehod only can be execute one sql. it’s a rabbt hole? i tried using google , but not get any good result.

use CASE

nice, i scccessful executed sql. thanks.

Spoiler Removed

@shaoyongyang said:

i tried sql inject, but it’s faild. bad way. but it existence. just Sqlmap not support.

I’ll just this quote from the home page of the box, here:

One day, an old man said “there is no point using automated tools, better to craft his own”.

:wink:

is it normal for s**p to crash after single use, or why will i not be able to re-use after stopping? resetting solved it once, but i dont know how to avoid it

@Enyone said:
is it normal for s**p to crash after single use, or why will i not be able to re-use after stopping? resetting solved it once, but i dont know how to avoid it

It gets reset every so often.

Type your comment> @metuldann said:

@Enyone said:
is it normal for s**p to crash after single use, or why will i not be able to re-use after stopping? resetting solved it once, but i dont know how to avoid it

It gets reset every so often.

Do you mean the machine? i really dont want to reset all the time :smiley:

@Enyone said:
Type your comment> @metuldann said:

@Enyone said:
is it normal for s**p to crash after single use, or why will i not be able to re-use after stopping? resetting solved it once, but i dont know how to avoid it

It gets reset every so often.

Do you mean the machine? i really dont want to reset all the time :smiley:

Seems like that service you mentioned is reset every so often. Sometimes it doesn’t respond, sometimes it times out, etc. Keep trying and you’ll get there. :smile:

This box is really awesome and I enjoyed all the way upto first shell.
Onto root!

Finally user!!! What a ride that was…

Thanks to @HomeSen for all the help…