Official dynstr Discussion

any hint for foothold? ive been bruteforcing subdomains but got nothing

Type your comment> @jlpung said:

i think the problem is that there are not much documentations on the vulnerability, and we can only read through the documentations on the api to try to figure out whats there to be done. Its seriously a super hard box for medium.

finally rooted! EDIT!

@esmyl yup got it finally! hahas

Can anybody give me a nudge? been stuck for a few hours already

Type your comment> @bgokjh said:

Can anybody give me a nudge? been stuck for a few hours already

Same here. Got a CVE… but there is very little info on the same. A nudge on foothold will be much appreciated.

great box! rootet it, if anyone need a hint, just let me know!

Spoiler Removed

To the 5 people who insta-pm’d asking for foothold hints… I would typically wait until it was out of release-arena… but - you are given most of what you need on the web-page, treat the REST as you would pen-testing any other API, don’t overthink it.

I am having problems with connecting to the RA VPN…Any help??

Type your comment> @malc said:

Yup - nice box. I found at least 2 ways to root-flag… would be interested to know which of them @jkr intended

root@dynstr:~# hostname ; id
dynstr.dyna.htb
uid=0(root) gid=0(root) groups=0(root)

its the shell one :slight_smile: i think the other way will be patched soon

got the flag !!! but not the shell :frowning: if someone can give me a hint I would appreciate…

I’m really struggling to get the RCE to work. Any nudge would be appreciated!

guys, im happy to help but pls. before you write me, as @malc also mentioned, read the provided homepage!

■■■■ this is one ■■■■ of a box…Foothole took me like 5 straight hours

Spoiler Removed

Uff! Finally rooted!

One of the best boxes I have done so far! Thanks to everyone who has helped me! Also kudos to @jkr

Feel free to PM for help.

Root definitely has me stumped. I see the mechanism but I am not understanding how to exploit… time for more trial and error.

Finally rooted this monster…The best medium box so far…I really recommend this box to anyone who is trying to go from intermediate to advanced…

Foothole:
The directory structure seems a bit unfamiliar… However “dorking” helped me.
When you have a lot of characters to bother at, just change the encoding

User:
You will need a relative of “nslookup” to help you.
just “update add” and tell to who you are and where you from.

Root:
Basic enum…Once you find it, read…read until you understand what it does
There are is more than one way to read files

Hope these will help you…If you get stuck you are always welcome to DM…

Rooted !

Nice machine ! learnt a lot
Thank you @jkr
:smile:

This was a fun box, but I got delayed a couple of times by something annoyingly trivial in the end!

Foothold: As people have said, follow the instructions, then test this in the normal way - I got delayed by a couple of lists which for completely unjustifiable reasons, didn’t have the crucial piece of data in! (It really is that annoyingly blatant)

User: The hint is in the image, but there are unusual restrictions, however this machine offers unusual solutions to these restrictions too - I quickly spotted the means to make this change, but also didn’t account for the process in reverse and again lost a lot of time trying to work out why I still couldn’t get user!

Root: The designed route to root is pretty classic, check the usual things, then look at how you can abuse the obvious one - ALL the info is out there and if you’re stuck, just read the manual, there are a lot of ways to abuse this :slight_smile:

Great stuff jkr