Last Active


  • (Quote) Cool, did that improve the ranking?
    in FluJab Comment by PT3 February 2019
  • (Quote) Seems with a 54% approval rating, and at the bottom of the pack, there is room for improvement. There are 10 current boxes with an approval rating over 90% one actually at 98 percent this morning. Whats different between this box and Sizzl…
    in FluJab Comment by PT3 February 2019
  • (Quote) There would be in this kind of login request. It's a clear text protocol and thats how it works. The pw in not passed in clear text. But then again I always use the hash of my pw as a pw somewhere else cause it's just cool and so easy t…
  • It's been quality CTF. I mean when I have to search though multiple "image" files to find a text file with a PW to login. Or extracting a "hash" from somewhere and spending time to crack it, only to find out the "hash"…
  • (Quote) Well of course it's not identical. The local IP's aren't 10's....... Making it identical wouldn't work now would it.
    in Dropzone Comment by PT3 May 2018
  • Ok I found the upload.... I created the dropper and dropped it I get nothing. I've built out a replica Victim VM and installed the service. On the replica system I can drop and get the call back all day long. Not here the real box. I suspec…
    in Dropzone Comment by PT3 May 2018
  • I'll never eat another one. LOL
    in Falafel Comment by PT3 March 2018
  • The Big Four: The Beatles, Pink Floyd, Led Zeppelin and Jimi Hendrix.
  • Can anyone thats completed jail PM me. I've got a few things and am having trouble changing to another user. Just want to make sure I'm not digging the rabbit hole deeper.
  • Four days in ROP hell but I got it. P1rs1ng6407 your suggestion didn't click at first. I finally saw the light.
  • OK I've changed my code to use another call to execute commands. I can execute "id" through the vuln in goodluck. it returns : uid=1000(xalvas) gid=1000(xalvas) groups=1000(xalvas),4(adm),24(cdrom),30(dip),46(plugdev),110(lxd),115(lpadm…
  • Has anyone had luck moving the privesc vulnerable bin to an offline system for testing. I've tried and failed.. Tired of the box getting reset while working.
  • I as well have been struggling with getting to the magic function. Yes I can do it in gdb. I cant get the "A" variable set to anything else. Sorry this if this is vague. I'm trying to prevent spoiling. Is it all done through the file …

Howdy, Stranger!

Click here to create an account.