I kinda feel I have cheated for this, thus I am not really satisfied. I spent an hour and a half thinking if it was right or not to submit the root hash…?
Possibly overthinking. There are lots of articles which give hints and tips for every box.
As long as you've made notes, can recreate it in the future and have learned something, it's all good.
…well, indeed I didn't say that I did not submit the root flag!
That must be the first Hard box I do pretty much on my own so quite pleased with it, although I still needed a nudge because I missed the actual vulnerability to use for the foothold, which is quite frustrating.
As someone said earlier, I wonder how you can end up trying to exploit a CVE so quickly (user blood within an hour), as it's not particularly ranked high and doesn't pop up flashing in red on scans… can't say more without spoiling though.
This is a really enjoyable box. It made me learn how to use some tools and techniques I'd not fully understood until being forced to use them for this box. Thanks to @MrR3boot and @MinatoTW for taking the time to create it.
Thanks to @TazWake for facing me in the right direction once again when needed.
As usual, it was an opportunity to learn a bit more about certain technologies. My 2 cents:
Foothold: the vulnerability should be obvious (although there are some unknowns there in terms of its requirements and the chance of success). The only difficulty is to get the right path. Play around with the requests to get that.
Let's call this one "pivot": another vulnerability in a local service
Root: from where you landed, stay home, and look for that thing that shouldnât be exposed
Rooted the box. It was a fun box revolving around CVEs. The last bit of root is something I couldn't understand completely, so if someone could explain the last bit to me, PM.
Thanks @11o for all the nudges.
Rooted! Very nice box! The thing I liked most was that I got to root with basically only c**l.
One point I would like to hear from others, however, is if the foothold path is really realistic or this box prohibits certain commands from being executed through the payloads explicitly. My tips:
Foothold: you can find the path with a little googling. The real problem is that you need to gather the pieces you need. Remember that it is always bad (or good in our case) when servers expose too much information.
Yeah, the foothold requires a pretty esoteric syntax of the command. I encountered it by chance on some random GitHub bug report. Would never know otherwise.