bu77er0verfl0w

About

Username
bu77er0verfl0w
Joined
Visits
209
Last Active
Roles
Member

Comments

  • Can someone confirm for the first 32bit binary are we looking for a type of exploit that rhymes with doormat ping? Did anyone actually exploit a BO in the first binary?
  • Fun machine, not sure how others ended it, pth or ptt? I used the former, after about a day trying the latter via linux. If anyone did the ptt method using kali, DM me pls. I would like to know how you did it. Machine is actually fairly easy if you …
  • Great machine for those new to exploiting Windows, like myself. I learned a lot from this machine, thanks @MinatoTW! Techinically there is no exploitation involved (making it the perfect machine for practicing you Windows-fu), its a game of "fi…
  • Should I be using actual media files to test the upload page? Sending random text files with video file extensions doesn't seem to lead anywhere...
  • Stellar Machine 5/5. Really educational, informative and fun. An expert machine, but neither totally hard nor brainfuck. A few red herrings (like a certain pair of hardcoded creds) here and there and lots of RTFM, but neither feel forced. I was goin…
  • If anyone is wondering about using python for the initial foothold, the W**3 module has builtin accounts you can use to send t**********s, or you can get test accounts from R***x online IDE. But you'll need an account or eth-address or whatever its …
  • 4/5. Great box, fairly easy, but not total beginner easy! Not very CTF like either, only user. Only one point off because the tempo slows down a little bit (lots of RTFM!) from k****a user to root, and the wonkiness of the CVE for the L** exploit fr…
  • Woooo!! 6/5, best machine so far, shoutout to @Ic3M4n for such a fun box. Nothing feels forced and yet every step is a helpful learning experience. Really for advanced peeps, but plenty of hints and cookie crumbs in this thread and on the machine to…
  • User was skid level easy. Root was easy, but so convoluted, and not to mention confusing since a lot of comments in this thread are misleading. Not a big fan of this machine, I feel it should have been worth more than 20pts since root requires more …
  • Nice box, I don't think its one ofmy favorites though. An intermediate level box (at least for user). Too much RTFM, although that is pretty much a preresequite for infosec, I find my self speed reading and missing stupid, obvous stuff lol. I'll giv…
  • Great box. Lightweight more for intermediates than pure beginners, but perfect progression for a study lab. Also there seems to be multiple routes to root this box. Some quick tips FOOTHOLD: Enumerate properly, don't worry about ban hammer and thi…
  • Whoaaaaah, nvm. Boy do I feel dumb =)
  • OKay rooted the box last night. I really enjoyed this box, even with bits of frustration peppered here and there. A good progression from the other begginer box, Irked. Some really fun moments mixed in with confusing moments. Thumbs up, overall. As …
  • Got User, working on root, I've done the whole cap privesc on a different box, cant remember which one atm. So I should pop this bad boy before I head to bed tonight. But before I finish and write my review I want to share a quick tip for anyone doi…
  • Awesome beginner machine. Really good for those getting used to pentesting and a little fun CTF type challenge for user Foothold: Enumerate! You don't need anything besides nmap and msfconsole User: a CTF like challenge. Find the first piece of th…
  • Cant seem to find RCE can someone PM me please. Been playing around with posts and a certain mailer exploit for over a day, getting pretty frustrated.
  • I have user already, but I'm about to go crazy because I've been trying to find out why a certain Ruby Script works without an IV (for a certain cipher) but when I try to use Op***l from the commandline it wont work without an IV. Crypto is not my s…
Avatar

Howdy, Stranger!

Click here to create an account.