Official Proper Discussion

Official discussion thread for Proper. Please do not post any spoilers or big hints.

Any tips on bypassing this biotch? someone assist with custom script…not trying to give to much of the py away lol

Man I got the lock and the bearings but can’t make a key that fits… wow this baby is tough more insane not hard, gonna work with me? Wanna take a long shot at it and crack it down who want’s to join?

Tough ■■■■ box, got web user creds and can do some things… but… clearly not doing the right thing.

Could someone give me a nudge please and thank you.

:stuck_out_tongue: not looking for the answer btw, just a tipping tip :slight_smile:

Just got user on this one. Men, this is as hard as fun!

Thank you @xct and @jkr, loved this so far! Expecially how the path to follow is pretty obvious but the actual exploitation definitely isn’t.

Yeah lol, I finally ended up getting it too. Rough box.

Interesting methods. I’m sure there are more than one way to do them though.
Looking forward to reading up on them after rooting.

Finally got user. I need to add this to my checklists…

Someone can give me a little direction, please? I got an idea what it might be, but I’m not sure how to approach it, don’t want to spoiler. Yeah this machine seems a lot harder compared to previous machines this month.

Love it so far! It’s been a while since I’ve seen the initial vulnerability done as something that wasn’t a throwaway challenge. maybe the user/root will be a CTF nightmare, but rn this is a great time <3

Type your comment> @riceman said:

Love it so far! It’s been a while since I’ve seen the initial vulnerability done as something that wasn’t a throwaway challenge. maybe the user/root will be a CTF nightmare, but rn this is a great time <3

Yeah, loved it as well! I can’t even remember another box with this type of vulnerability (the user foothold), but I bet it’s pretty common in the real world.

Now that you said it I’m starting to recall very very slightly… still missing a blib.

user own.
Took me 4 evenings !
Thank you for those who helped me (special thank to @bashketchum ).

Thank you @xct and @jkr, you’re good! I think it’s the box I liked the most so far; definitely learnt a lot!

Came back after a few days away. user was glorious. getting that to work was an awesome feeling. I’m pretty close to root, I just haven’t nailed it yet. This one is an easy favorite of mine.

Finally rooted, more then a week later. Definitely loved it! Learned so much from this one.

A lot of you are sending me PM: it’s ok, I’m happy to help, but mind that I have a job, and this habit of sleeping every now and then, so please be patient. Also I’m not willing to just spoil the box: ask for specific question, not just “What should I do?” or “Why this isn’t working?”. And be prepared for cryptic hints, not solutions :wink:

After a week full of action and “try & error” got user access to the box but BTH-Portal unfortunately doesn’t accept the content of “user.txt” as flag :frowning:

Took me a lot of time and a small hint, but I got user. What a fantastic box! Trying to get root now but I’m very new to Windows PrivEsc. If anyone can help me out, that would be great!

User hints (trying not to spoil anything): The obvious path is indeed the path you need to take. The way to get access is what you initially thought: be sure to thoroughly research the way you intended to gain access. You might have missed something :slight_smile:

Struggling to get root on this. I’ve tried whatever in my knowledge to go ahead, but i think that i’m again banging on my lack of skills in binary exploitation…any nudge would be really appreciated…

Rooted this box. Great experience and a lot of fun. Thanks @jkr and @xct! The learning has been through the roof!
For root:
There’s more than one way to solve it. Both require the same path.

Managed to get the root flag without a shell. Really fun box, thanks @jkr and @xct. I learned heaps.

Hello, I’ve managed to crack the hash but I’m not able to bypass the filter. Could anyone give me some nudge in this step pls :slight_smile: