Last Active


  • C:\Windows\system32>whoami nt authority\system Fun box - I learned a lot. Thanks @4ndr34z !
  • Managed to get user. Some idea of how to get root, but no progress yet.
  • Nice box. Some good hints above too, especially from @f1rstr3am and @N4gi
  • Struggling with the final step on this box. I have found the interesting file, and know what I need to do, but can't locate the info I need inside it. Anyone able to help? Update: Found it. A different tool helped - the one from the NSA works wel…
  • Done. What a fun ride. Thanks @Chr0x6eOs for the box!
  • Some progress. I now have access to another app on the same port. Would not have found it without help. Can't see how to exploit it for a foothold yet though.
  • Tough box so far. Foot hold was a new variation of something familiar, but like some others I haven't moved forward yet.
  • I'm able to read files, and there is one in a certain language that I think will help me create a foothold. I have the file name, but the file itself is taking ages to download even without the usual tool. Is this the right way?
  • rooted. foothold took the most time - it turned out I had the right approach, but it wasn't working in the release arena, maybe due to a network timeout. trying again in VIP it worked first time. thanks @ompamo for a fun box!
  • Type your comment> @kavigihan said: (Quote) Stuck at this point also. Has anyone moved forward from here?
  • Nice work @byt3punisher Release the dogs!
  • Finally managed to move forward from the restricted environment, and got the user flag :) EDIT: Got root. The hint from @mfidel about dogs is a good one. Lots of steps from user to root, but the path is fairly clear. Thanks @CyberVaca and @3v4Si0N…
  • Type your comment> @f1rstr3am said: (Quote) In the same position now. Using RCE to slowly look around, but the environment seems very restricted.
  • Done. Nice box - path was straightforward but involved trying some new things. Thanks @MrKN16H !
  • Done. Took me longer than it should have due to a typo near the end. Like others above I learned a lot about a protocol I hadn’t used much before. It was also cool to see one of the classic exploits come back with a new twist. Thanks @polarbearer a…
  • done. took me a long time, and I learned a lot of new things. thanks @sicario1337 for your advice along the way. great box @MinatoTW & @polarbearer !
  • One step further - I can generate a file in the right format to trigger the B_F. Now trying to come up with a useful R_P c___n with the very limited number of gadgets available. Update: rooted. Man this box was hard, probably the hardest one I'v…
  • Picking this box up again after a long break. I think I have the pieces I need to get to root - BF param, service to target, obscure port. Now trying to generate a file in a format the service will accept, with the content I need, and struggling to …
  • Really fun box which taught me a lot, thanks @felamos. Thanks also @sicario1337 for keeping me on track. PM if you need a nudge.
  • Managed to get the root flag without a shell. Really fun box, thanks @jkr and @xct. I learned heaps.
  • Type your comment> @sicario1337 said: > Hey guys... a little nudge please on foothold.... Just started this box yesterday and have figured out the RCE path from guly's response. I can successfully get a ping back but not a reverse shell... An…
  • rooted. really fun box that taught me a lot about the app it is named after, the main tool needed to exploit it, and finally the k dog. thanks @itsdafafo for a steer near the end. great box @polarbearer! pm if you need a nudge.
  • rooted. what a fun box - thanks @MrR3boot! PM if you need a nudge.
  • rooted. thanks @mostwanted002 for the fun box. some good hints above already so i won't add to them. PM if you need a nudge.
  • rooted. really fun box with a nice progression through the various steps, thanks @helich0pper! PM if you need a nudge.
  • Finally got user after many wrong turns and rabbit holes, and learning a lot. Thanks @TazWake for patiently answering all my questions.
  • Type your comment> @Tr41lBl4iZ3r said: > Hi > > I have sent mister Guly a few emails. But he does not want to review my exploit code XD. > > Is there anyone who might help me in the right direction? > > please DM …
  • rooted. thanks @felamos for a fun box. lots of good hints in the thread above. for the final step I would add that if you have the right tool, getting the strange file to do what you want isn't too difficult. PM if you need help.
  • rooted. fun concept for a box - thanks @0xdf! lots of good hints above so I won't add to them. PM if you need help.
  • Type your comment> @TazWake said: (Quote) Same here. User was hard and I learned a lot, but I’m very stuck on the binary. Seems like it is meant to be a B*F attack, but looking at the dump of objects it doesn’t seem to do anything with the argum…

Howdy, Stranger!

Click here to create an account.