I wrote a script for the g**c service but i am not sure about the parameters to send. Any nudges?
Any help on decrpting the file using algo A**-*** i got key and ciphrtext
I can see why this box is rated insane. Iāve spent pretty much all day on it and Iāve made almost no progress.
I found a website which helped me build a scanner I could use, I found a new thing listening and I think have found vulns on the new thing, but nothing is working.
Going to give up and take a break for a while I think.
@TazWake said:
I can see why this box is rated insane. Iāve spent pretty much all day on it and Iāve made almost no progress.
I found a website which helped me build a scanner I could use, I found a new thing listening and I think have found vulns on the new thing, but nothing is working.
Going to give up and take a break for a while I think.
Donāt give up buddy, if you found something answering you are close to the graal.
@Caracal said:
Donāt give up buddy, if you found something answering you are close to the graal.
Thanks, I wonāt completely give up - I just needed a break (and passage helped!).
Yeah, at the moment I can send to the $thing and I can see a different response if I hit the wrong $thing or send the wrong data to it, but I cant seem to get the code to display the content of the response. Tiny bit frustrating but I think Iāve gone blind to any errors Iāve made.
Hopefully, fresh eyes tomorrow (or a day or two) will help.
EDIT: progress at last!
can someone give me hints to get user? i got connection back but dont know what to do
Havenāt started this machine yet, but looking at first bloods, it took 4min to get user ā¦
That must be the first for an Insane level machineā¦
Edit; yup just realized that was what everyone talked about on page #1
Such an excellent box! really enjoyed it.
PM for nudges, hints or sanity checks
@acidbat said:
Edit; yup just realized that was what everyone talked about on page #1
Yeah - sadly that door got closedā¦
I have to admit it took me about 3 days to get user on this box. A mix of a typo I never noticed for a long time, it being really challenging and some things I just needed to learn, made it quite a steep journey.
I still havenāt got round to rooting it - I had a look, couldnāt see the easy button then got distracted by work.
I just got to read that documentation around g**C, i know nothing about that. Can i reasonnably think Iāll get somewhere ?
@lebutter said:
I just got to read that documentation around g**C, i know nothing about that. Can i reasonnably think Iāll get somewhere ?
Definitely! Youāre on the right track. I suggest having another read of the Usage section of the decrypted file and then searching for a certain Python module (g*****-****s) that will help you generate some code to use.
Yes thatās what i did yesterday evening, it was easier than i thought. Still no user in sight though lol
@lebutter said:
Yes thatās what i did yesterday evening, it was easier than i thought. Still no user in sight though lol
Then Iām not sure how much this will help but if youāve defined the service correctly using p****f youāre almost there. You just need to write some code to interact with the gC server. The main components are a channel (for the connection), a stub (to call the specific method) and content to pass to that method, the form the content should be in is hinted at in the document.
Itās difficult to explain without giving too much away, youāre welcome to PM me for a bit more of a nudge.
Thanks amigo, I think i got that to work, i stopped for the day after getting the client/server talk to work, foudn out the format to use etcā¦ Iāll carry one with the next stages tonight, good to know the user flag shouldnāt be too far after that !
Finally completed it, i think thatās my first insane box, what a marathon box, it never endsā¦
Whatās really hard is that at 2 points it requires a bit of guessing, so you may be doing the right thing, itās easy to stop if no positive outcome appearsā¦ while youāre actually doing the right thing and just missing a bit of random trial and error.
Rootedā¦
ā¦but with an enormous load of help from a friend whoās definitely way better skilled than me.
I thought it would have been a good thing to try teaming up in order to learn better.
Iām not sure that it was a success, because i do not have understood all the passages, especially the g**c part, where Iāve got almost totally lost, and i just followd him on the thing.
Root was different. Here I got a grip on the path almost immediately, but i totally missed the āreflectiveā part.
I would like to say that iāve learnt a lot, but itās not completely true. I trailed a lot and I still have to understand too many things.
This was such a great box! Thanks @MrR3boot & @R4J! User was very long, very fun, but in my comfort zone. Did remind me of travel, which was great, as I also really liked that box!
Getting root was less involved, but outside my comfort zone, so it took me some time and a helpful nudge from @nathantemplar! Thanks!
If someone wants a small nudge or a sanity check, feel free to send me a pm!
Thanks for the feedback and Good work!
How one supposed to proceed with āblindā part of the journey?
My dream to send picture of my ā ā ā ā on my neighbour printer will finally come true !