OOOhhh I didn´t know that bro … where can I know all the machines that will be retired ?
In the Machine’s side (left) column in HTB page, you can see ‘unreleased (1)’, click it to reveal what old machine will be replaced by the new machine. This week Travel is retiring and Compromised coming the way in.
OOOhhh I didn´t know that bro … where can I know all the machines that will be retired ?
In the Machine’s side (left) column in HTB page, you can see ‘unreleased (1)’, click it to reveal what old machine will be replaced by the new machine. This week Travel is retiring and Compromised coming the way in.
Roger that !!.. I only saw Release Arena ! … thanks bro !
I don’t know how far I have advanced, but I will take a look into those files !! … some zlib too I´m not sure !! but I like it !!
There is a lot to process in the files but they (if you include the files they reference) do actually cover everything needed for the foothold. It’s just really hard to work out - running trial and error bits helps a lot but can take a long time.
I don’t know how far I have advanced, but I will take a look into those files !! … some zlib too I´m not sure !! but I like it !!
There is a lot to process in the files but they (if you include the files they reference) do actually cover everything needed for the foothold. It’s just really hard to work out - running trial and error bits helps a lot but can take a long time.
I did all my research and all looks like i need to do something with Mem-----d but all is going to a DDos and UDP spoofing … I´m here becase I got mixup Admirer IP with this LOL :!!
I did all my research and all looks like i need to do something with Mem-----d but all is going to a DDos and UDP spoofing
There are lots of ways to attack that service rather than use ExploitDB to find a vuln. In this instance you aren’t attacking it, you are using it.
It really is just a part of the attack here - you need to give it something it is looking for so everything else can work.
There are other parts of the files which are much, much more important.
… I´m here becase I got mixup Admirer IP with this LOL :!!
Lol, fun times!
It is a good box. It is just super hard and really time-consuming if you dont already understand the way the attack works. The attack is “known” but it isn’t seen very often on CTFs.
I did all my research and all looks like i need to do something with Mem-----d but all is going to a DDos and UDP spoofing
There are lots of ways to attack that service rather than use ExploitDB to find a vuln. In this instance you aren’t attacking it, you are using it.
It really is just a part of the attack here - you need to give it something it is looking for so everything else can work.
There are other parts of the files which are much, much more important.
I tried a lot of tools but nothing could hit the port, I will wait for a writeup to understand where I was stuck and learn next steps ! I tried but I´m new on CTF challenges and this was my first Hard CTF !! .
As alway thanks brother for all the support I learned new things with this box with only tw0 days
I did all my research and all looks like i need to do something with Mem-----d but all is going to a DDos and UDP spoofing
There are lots of ways to attack that service rather than use ExploitDB to find a vuln. In this instance you aren’t attacking it, you are using it.
It really is just a part of the attack here - you need to give it something it is looking for so everything else can work.
There are other parts of the files which are much, much more important.
I tried a lot of tools but nothing could hit the port, I will wait for a writeup to understand where I was stuck and learn next steps ! I tried but I´m new on CTF challenges and this was my first Hard CTF !! .
As alway thanks brother for all the support I learned new things with this box with only tw0 days
Ok - it wont be long now anyway.
In a nutshell, if you read the code its possible to identify a way to inject stuff which can make a request on your behalf. With some effort this can be used to bypass a control and send data to a system which opens the door to further exploitation.
It is one of the hardest footholds I’ve seen in a long time.
In a nutshell, if you read the code its possible to identify a way to inject stuff which can make a request on your behalf. With some effort this can be used to bypass a control and send data to a system which opens the door to further exploitation.
It is one of the hardest footholds I’ve seen in a long time.
I´m not sure about it but I guess I saw that part into the code after URL validations with the curl to the URL but I could not figured out how to exploit it I need to keep reading and practicing
@H4FN
Buddy. All you need is to study the source code and a tons of googling.
If you’re trying to do the box before it’s retiring, I’m glad to help you.
Read this article and also read the internal links also. It will help you to understand how internal SSRF can be launched.
I´m not sure about it but I guess I saw that part into the code after URL validations with the curl to the URL but I could not figured out how to exploit it I need to keep reading and practicing
I’d strongly recommend working through Myrtle’s write up of this box. It is really good.
I´m not sure about it but I guess I saw that part into the code after URL validations with the curl to the URL but I could not figured out how to exploit it I need to keep reading and practicing
I’d strongly recommend working through Myrtle’s write up of this box. It is really good.
hahaha and I was thinking only on the SimplePie, Memcache and the Debug php … I have to many new information to process !!
I’m trying to start growing new skills as a security guy coming from a simple software developer guy but alway it is like … DAM I only know that I don’t know anything …
@H4FN … just like @TazWake said. I’m also suggesting everyone to go through Myrtle’s write-up. Mam’s write-up is bleeding edge on explaining nook and corners of the box.
security guy coming from a simple software developer guy but alway it is like … DAM I only know that I don’t know anything …
Don’t judge yourself based on this box. It had one of the hardest footholds I’ve seen in a long time.
I’m back after my depression with this box hahaha !! I will continue this week with other boxes good to know that it was one of the hardest and I tried it without success but its part of keep learning
I know the box is retired but i have vip so i can still use it. I just started on it. I the pwnbox machine. The urls are not working for me when opnening them in firefox or Chromium. What do i need to do to fix this?
I should not need to write them in my hostsfile since im on pwnbox? (i did not need to do it when doing active machines). Just in case i added them but its still not working. Any Ideas?