Nofix

About

Username
Nofix
Joined
Visits
553
Last Active
Roles
Member

Comments

  • Rooted, thanks to @loptr for the tips on root. Doesn't felt like a 50pts box but I learnt TONS of things. I would say : don't be afraid to try this box if you don't have rooted 20box before. Thanks to the creator for this great box !
    in Fortune Comment by Nofix March 2019
  • Rooted. I don't like those CTF-ish box. I would not recomand this one to beginners on this website. Rooted the BoF way, I am super curious to know other ways to root the box. Feel free to PM about that, I would be glad to read your way of rooting …
    in Frolic Comment by Nofix February 2019
  • Happens sometimes when it fails migrating process. You don't need to reset the box, only need to do a new meterpreter connection.
  • You could also use RCE on port 3632 and get a user this way. I did privesc with firefart but I'm sure there are many other ways to get root.
  • Quite stuck on the box, I got the source code of (I guess?) the whole 3 websites, but can't find any RCE. Feel like I miss something, doing my whole enumeration again but nothing is showing up at the moment. EDIT : rooted. Thanks a lot to @clmtn f…
  • Got root shell after a LOT of trouble using my own created Admin user, which I didn't even manage to use at the end. My final solution was easier. Still don't understand what people calls 'uncles', didn't need them to elevate. I have a stable root …
    in Querier Comment by Nofix February 2019
  • Rooted. Great box, so angry at myself to have missed so much information. I lost myself in the maze so many times without noticing. User was a pain, root was super easy. Did anyone got a root shell on V****? I wonder if there is a privesc or someth…
    in Vault Comment by Nofix February 2019
  • Edit: thanks @ZaphodBB for the nudge!
    in Vault Comment by Nofix February 2019
  • Rooted. Super fun box I've learnt a lot of things. Lost like 3 hours on root doing crazy things before noticing it was easy ahah.
    in Zipper Comment by Nofix February 2019
  • Are those 7**p files of any use? Trying to break password for hours without success... EDIT : My bad, not enough enumeration.
    in Zipper Comment by Nofix February 2019
  • Rooted this box the BoF way. Feel free to PM me about the BoF. :) Learnt a LOT of stuff thanks ! Special thanks to @CaptainBounty helped me on enumeration part. The RCE was quite random to me, maybe I misunderstood something.
    in Redcross Comment by Nofix February 2019
  • I've managed to do my XSS work once, but can't manage to make it work again. Can I contact anyone to see what I am missing? Tried a LOT of payloads already...
    in Redcross Comment by Nofix January 2019
  • I'm failing to find the entry point. I've done quite a lot of enumeration, but still can't find any way to get in. May anyone give me a small small hint to push me in the right direction?
    in Redcross Comment by Nofix January 2019
  • Rooted, thanks to @cornholio for User, thanks for forum hints for root, it was way easier than I tought. Feel free to PM for hints.
Avatar

Howdy, Stranger!

Click here to create an account.