Foothold: check the request and play with it
User: old vulnerability, search for it
Root: Never played with Go, but I think it’s doable with a bit of research. When exploiting binaries what is the most useful thing?! (I think it is the source code)
PM me if needed (but at least have concrete questions)!
Just rooted this box… although, it’d be more accurate to say, “I got the flag”…
I couldn’t get my version of the “attack script” to pop a reverse shell; I knew my script was being executed, because I got it to run id and saw the expected result. Try as I might, though, I couldn’t get my reverse shells to work. In the end, I just catted what I needed. Like I say, I got the flag, but don’t really feel that I “got root”, if that makes sense…
If anyone here did manage to get a rev shell to work (or get in as root), would you mind sharing how, via PM, please?
First box I managed to do without any hints. Very straightforward, just needed some Google-fu to figure everything out. Enjoyed it a lot, thanks for the box!
Enjoyed this box. Tip for foothold - if you’re getting a 5** error READ THE WHOLE ERROR DUMP. Not just the titles. I wasted more than an hour making that mistake.
Thanks @felamos, I had a great time
What was particularly satisfying was how easy it was to get the foothold because the last time I had to deal with that kind of vuln, I struggled a lot to get it working. It feels good to see some progress on my end!
If anyone successfully managed to get his or her own crafted file working for the last part, I’d be happy to know. I tried several things but kept hitting segfaults.
For the root part, I understood what needs to be done but was in the wrong place. I got the root flag after going to the right place. But can someone give me more understanding about why the place mattered here? I didn’t get that part very well. Send me an explanation in PM. Thanks @felamos for this box, learnt a lot on this one.
Regarding foothold: lots of people are talking about its simplicity, but I had trouble getting a shell to work. Specifically, issues with my Simp******erver not working for whatever reason (maybe needed dif port? not sure). Anyway another Python library program and that helped A LOT…
Second, people talk a lot about the 500 error and reading the error messages, but for me that didn’t really help. Maybe I’m too thick, for I couldn’t figure out why something didn’t link? All files were called 200, so giving up, I ended up using a different resource than the one giving the 500. That helped.
to root. i go
Thank you all for your returns, but I didn’t need this tool; actually it is used by the only program I can run (don’t want to spoil) → line 5 in the import section. So it returns me a “cannot find package” error…
Foothold: Don’t believe everything. And google is your friend. Actually read the errors.
Local: Very basic enum.
root: More basic enum to find the obvious goal. Getting the ball over the finish line takes a bit of studying. The creators of this technology have everything you need.