Official Laser Discussion

I wrote a script for the g**c service but i am not sure about the parameters to send. Any nudges?

Any help on decrpting the file using algo A**-*** i got key and ciphrtext

I can see why this box is rated insane. Iā€™ve spent pretty much all day on it and Iā€™ve made almost no progress.

I found a website which helped me build a scanner I could use, I found a new thing listening and I think have found vulns on the new thing, but nothing is working.

Going to give up and take a break for a while I think.

@TazWake said:

I can see why this box is rated insane. Iā€™ve spent pretty much all day on it and Iā€™ve made almost no progress.

I found a website which helped me build a scanner I could use, I found a new thing listening and I think have found vulns on the new thing, but nothing is working.

Going to give up and take a break for a while I think.

Donā€™t give up buddy, if you found something answering you are close to the graal.

@Caracal said:

Donā€™t give up buddy, if you found something answering you are close to the graal.

Thanks, I wonā€™t completely give up - I just needed a break (and passage helped!).

Yeah, at the moment I can send to the $thing and I can see a different response if I hit the wrong $thing or send the wrong data to it, but I cant seem to get the code to display the content of the response. Tiny bit frustrating but I think Iā€™ve gone blind to any errors Iā€™ve made.

Hopefully, fresh eyes tomorrow (or a day or two) will help.

EDIT: progress at last!

can someone give me hints to get user? i got connection back but dont know what to do :expressionless:

Havenā€™t started this machine yet, but looking at first bloods, it took 4min to get user ā€¦
That must be the first for an Insane level machineā€¦

Edit; yup just realized that was what everyone talked about on page #1 :stuck_out_tongue:

Such an excellent box! really enjoyed it.

PM for nudges, hints or sanity checks

@acidbat said:

Edit; yup just realized that was what everyone talked about on page #1 :stuck_out_tongue:

Yeah - sadly that door got closedā€¦

I have to admit it took me about 3 days to get user on this box. A mix of a typo I never noticed for a long time, it being really challenging and some things I just needed to learn, made it quite a steep journey.

I still havenā€™t got round to rooting it - I had a look, couldnā€™t see the easy button then got distracted by work.

I just got to read that documentation around g**C, i know nothing about that. Can i reasonnably think Iā€™ll get somewhere ?

@lebutter said:

I just got to read that documentation around g**C, i know nothing about that. Can i reasonnably think Iā€™ll get somewhere ?

Definitely! Youā€™re on the right track. I suggest having another read of the Usage section of the decrypted file and then searching for a certain Python module (g*****-****s) that will help you generate some code to use.

Yes thatā€™s what i did yesterday evening, it was easier than i thought. Still no user in sight though lol

@lebutter said:

Yes thatā€™s what i did yesterday evening, it was easier than i thought. Still no user in sight though lol

Then Iā€™m not sure how much this will help but if youā€™ve defined the service correctly using p****f youā€™re almost there. You just need to write some code to interact with the gC server. The main components are a channel (for the connection), a stub (to call the specific method) and content to pass to that method, the form the content should be in is hinted at in the document.

Itā€™s difficult to explain without giving too much away, youā€™re welcome to PM me for a bit more of a nudge.

Thanks amigo, I think i got that to work, i stopped for the day after getting the client/server talk to work, foudn out the format to use etcā€¦ Iā€™ll carry one with the next stages tonight, good to know the user flag shouldnā€™t be too far after that !

Finally completed it, i think thatā€™s my first insane box, what a marathon box, it never endsā€¦

Whatā€™s really hard is that at 2 points it requires a bit of guessing, so you may be doing the right thing, itā€™s easy to stop if no positive outcome appearsā€¦ while youā€™re actually doing the right thing and just missing a bit of random trial and error.

Rootedā€¦
ā€¦but with an enormous load of help from a friend whoā€™s definitely way better skilled than me.
I thought it would have been a good thing to try teaming up in order to learn better.
Iā€™m not sure that it was a success, because i do not have understood all the passages, especially the g**c part, where Iā€™ve got almost totally lost, and i just followd him on the thing.
Root was different. Here I got a grip on the path almost immediately, but i totally missed the ā€œreflectiveā€ part.
I would like to say that iā€™ve learnt a lot, but itā€™s not completely true. I trailed a lot and I still have to understand too many things.

This was such a great box! Thanks @MrR3boot & @R4J! User was very long, very fun, but in my comfort zone. Did remind me of travel, which was great, as I also really liked that box!
Getting root was less involved, but outside my comfort zone, so it took me some time and a helpful nudge from @nathantemplar! Thanks!
If someone wants a small nudge or a sanity check, feel free to send me a pm!

Thanks for the feedback and Good work!

How one supposed to proceed with ā€œblindā€ part of the journey?

My dream to send picture of my ā– ā– ā– ā–  on my neighbour printer will finally come true !