hey, please use the shell that's already on there instead of spamming the server with your own shells or at least give them names you can't find when dirbusting, kinda ruins it a bit
other than that, fun little box ^^
ah hell, i kept wondering how to get the source and didn't realise there was a goddamn download button under the start instance button m)
EDIT: aaand got it. i tried the right thing from the very beginning before i even had the source, but looks lik…
got a whole bunch of weird behaviours and an error message, but no matter what i do, i can't make sense of what happens behind the scenes. would appreciate a nudge
@tel0s said:
(Quote)
if you have only one argument you can pass, how can you put it in /tmp? ;)
don't worry about where you put it, just download it and try running it from that directory
we're barely 2 hours in and if this is anything like qtc's other box, it's gonna be a while before someone draws blood :P
i've got an idea or two about what might be going on, but nothing useful so far
edit: ayyyyy it helps if you can read. i missed…
@tel0s said:
(Quote)
i was in the same boat as you before figuring out how to get around that (and later seeing other people's logins and realising i didn't even need to get around that lol)
where does the hashing happen?
i feel like P******J* isn't really stable. sending the same payload that did things before doesn't do things anymore :T
EDIT:
aaaand rooted. awesome box, had a lot of fun (except for the part where i got weird behaviour because of other people and …
kinda confused because both the printf and puts are returning absolutely no output for some reason :/
EDIT: just had to solve it in a probably convoluted and unintended way, but many roads lead to shellcode 8)
got code exec locally, but don't know how to do the S**i right to get a*** ro** :T
annoying as hell, but man what a great box! makes me regret i didn't take the job at your place @qtc, we could've been colleagues :P
EDIT: ahh realised where i went…
oh man this took me ages because of the slow af exfil...
can't wait to go find some writeups and see if i just did it in a really stupid way lol
EDIT: yeah i wasted hours because of slow exfil lmao. there's a much better way than acting blind
easy, all it took were the 20 most cursed lines of python you'll never see 😁😁😁
i enjoy challenges like this, they're great practice for hacking together quick and dirty scripts for weird real world situations in which you encounter weirdly formatted…
alright found some time to get back to this and took like 2 hours doing the wrong thing to get me to the flag. very hard challenge, such an annoying "waf"....
pretty sure i know what i'm supposed to be doing, but i'm struggling to get past the second error. if this is built the way i think it is, it should be pretty simple and deserve the rating it got, but something is in the way :/
would appreciate a nu…
fun box :D
couldn't write a script for user, for whatever reason it just wouldn't work, but it takes about a minute or two with burp :P
root was a little too easy and fast tbh and files in the users home directory might spoil even that
can someone shoot me a hint about the initial foothold? i think i've got a vague idea about what to do, but with NX enabled and no output idk how to do it
user was relatively okay, root was annoying because the exploit i used didn't work for some reason? had to intercept the requests and pass them on 1:1 and then they worked for some reason
have a hard time getting root :/
i know what i have to decrypt, i know how to do it but i have no idea where to find the key
EDIT: who the heck needs to decrypt their keys anyways, amirite?
great box, was a lot of fun until i wasted hours at the v…
actually had it all right on the first try and wasted ages trying to fix it because of that damn /bin/sh offset
anyone know why our string isn't waiting for us there? is that actually part of the challenge?
took me a few moments to figure out what i was looking at and a bit more verbose digging, but once i got it grabbing root was very simple. great box and a bit more LDAP knowledge i can use in the future