Last Active


  • @macrins96 said: (Quote) Make sure to NOT run the script yourself. Wait for the system to run it for you.
  • @crowman said: (Quote) What does the file command tell you about the file type? Also, you don't necessarily need to run it, to solve it ;)
  • @rnshkkj said: (Quote) Probably, yes. At least, I'm not aware of anyone who solved it with Linux/MacOS. If I remember correctly, the required tools don't work with the *NIX-variant of "the framework", and I also didn't get it to work unde…
  • @Helvedius said: (Quote) Sent you a DM ;)
  • @Seph said: (Quote) Don't run the tool yourself, but wait for someone else to do it for you ;)
  • @thecog said: (Quote) Use the services the system provides to you.
  • @dragonista said: (Quote) No need for gobuster, here. Just try to imagine what might be served by that server ;)
  • I played around with wine and the required tools, but couldn't really get them to run the way they worked on Windows: * the latest release of y_______l.n__ refuses to work under wine and mono, and instead crashes with unhandled exceptions. One migh…
  • @paddanada said: (Quote) Due to the technology in use, you will need to use Windows. Though I haven’t tried if it’s possible to use the exploit from within Wine. So, it might be worth to try. I might check, tonight, when I’m at my PC.
  • As Taz already mentioned: Having a spare hardware device is your best choice. To gather initial information about the USB stick, I can suggest using usblock: When usblock is running, and you insert any USB device, it…
  • @synap5e said: (Quote) Let me guess: You had to add a newline to the end of the file? For some reason, certain ssh clients require the key file to end with an empty line.
  • There is no authentication required for this part. I've just checked the part you are stuck at from within my CTF Kali VM and can enumerate just fine. Maybe you can try switching to another server instance or VPN zone, as you already ruled out (acti…
  • @TazWake said: (Quote) You are on the right track, and this is basically the way to go. In the beginning, it requires a slight twist, though. Do you already know what other internal resources there might be?
  • @R3ydar said: (Quote) Just an assumption: Many websites/CMSes/blog-engines automatically convert "straight" quotes to “typographic” quotes. And those are completely different characters which bash (or your shell in general) handles differ…
  • @chinavpn123 said: (Quote) You would need to change the PATH for the sudo environment, not for the sudo call: Not: PATH=bla sudo ... But: sudo PATH=bla ... But AFAIK, this was explicitly forbidden by the sudo config.
  • Hi. For trying out new OSes, I highly suggest using virtual machines. They allow to set snapshots, so that you can completely brick the system, and always can go back to a clean state without having to reinstall the whole system. Since you want to…
  • @f1rstr3am said: (Quote) Hehe, yeah. Writing code against MAPI is already "fun", but when you have to reverse-engineer it, it gets even worse.
  • @ellj said: (Quote) Sure. Feel free to DM me. It took me several attempts, but using wildcards you can get it quite "stable" ;)
  • @f1rstr3am said: (Quote) IKR. Wondering why the "ping back" for foothold rarely works, while the other reply comes back in a somewhat timely manner. Got it working once and know the user, but now it failed for the last 20 (or so) attempts…
  • @Megatron404 said: (Quote) Then allow you system to resolve that name ;)
  • It's a tad bit clunky, but you need to use the stdout buffer: python3 -c "import sys; sys.stdout.buffer.write(b'A'*5 + b'\xde\xad\xc0\xde')" | xxd00000000: 4141 4141 41de adc0 de AAAAA.... When using pwntools, you usual…
  • @AbuQasem said: (Quote) Well, yes and no. Java in particular (but also other server-side languages in general) doesn't like complex payloads. Often, it is better to download (and then execute) a shellscript to the target machine, and make the scrip…
  • @MartianArchive said: (Quote) Did you write a new one, or just edit the existing? I couldn't get my own file to work, so I simply modified the existing one.
  • @II0 said: (Quote) Haven't looked into the code, but it's most likely possible via the xmprpc.php endpoint. But it might as well be that MSF just does the whole: * log into wp-admin * grab CSRF token for plugins upload * upload plugin * activate p…
  • @bluesheep said: (Quote) As always with Java in particular (but also other server-side languages in general): Don't try to build too complex payloads. Often, it is better to download (and then execute) a shellscript to the target machine, and make …
  • @mkt said: (Quote) I don't have a VIP subscription, so I can't start the retired challenge, but if you want, I can take a look at what you tried (and compare it to my notes/script).
    in ropme Comment by HomeSen February 13
  • @GARYHAK2009 said: (Quote) Look what you are allowed to do. And then find and exploit it ;)
  • Now, that was fun. Pretty straight-forward machine without any guesswork or surprises. Yet still I learned something new. Thanks for that, @felamos :)
  • @aMir733 said: (Quote) After changing to U.S., did you regenerate your connection pack? Because this sounds more like you just connected to the same old server (that also failed to reset).
  • @saibafaita said: (Quote) Look at what happens before and reverse it ;) Feel free to PM, if that's too cryptic. Edit: Just saw you already PM'd me :blush:

Howdy, Stranger!

Click here to create an account.