Last Active


  • Can someone give a push into right direction for xen's foothold? I found bunch of places, wasn't successful in guessing, and stuck now.
    in Endgame Comment by dontknow June 2020
  • Can someone give push into right direction after inspecting repo.***? Ah... it is basic (initial) enumeration.
    in Dyplesher Comment by dontknow May 2020
  • Looking for a teammate(s). I have almost no knowledge about re/pwn, and have little will to learn it. Everything else know at least well and study it. I wanna progress on htb and get ability to do Endgame, but i always have 1 or 2 pwn-orientated mac…
  • Does anyone know article about getting proper tty, with some unusual methods? In this box it is pretty hard and, i hope, will be very useful in enum.
    in Fatty Comment by dontknow April 2020
  • Should not i be able to login somewhere as my customer account using connected auth account? If you willing to clarify how things work in this machine, i can pm my steps.
    in Oouch Comment by dontknow March 2020
  • Could someone recommend article or method how to properly put malicious stuff in docx for this machine? I have no expiriense in this field, for now i could not understand how it works just by looking deeper in docx.
    in Patents Comment by dontknow January 2020
  • Can someone help me with foothold-to-user binary? i found potentially vulnerable function, but dont exactly understand how it works.
    in Rope Comment by dontknow January 2020
  • Can someone give a hint about foothold? I am playing with web serv, but responses seems strange and generic. Also, struggling file people are talking about.
    in Rope Comment by dontknow December 2019
  • How to start pwning root binary? Usually i find bof, but for this bin i did not found anything like that. I am trying to find any leak or place where i can write input, but i just dont see any weak spot. Can someone send article explaining how to fi…
  • Is there a way to identify developer/name of this t**p? I am struggling to find correct documentation. EDIT: so no docs found... But blindly searching for attacks for that kind of service helped.
  • Type your comment> @phycomp said: (Quote) In docs of this app you can find file type that determines how the application works (if you strugling to understand what is this file, look at examples in git repo)., and structure of client requests. …
  • Can someone give a hint about solving Secret Message? I tried some auto tools on encrypted.txt and all of them did not gave good key, so i started doing stuff manually, i think i got correct first 5 letters... EDIT: so good auto tools exist, it is …
  • Type your comment> @commercialeer said: (Quote) If you talking about first script (from web server) - look for comments in code from author, if developer does not particularly understand how something should be done, then this something have hig…
  • Type your comment> @ghost5egy said: (Quote) On the main page you can find direction (file in dir), you can try to find this 'directory' manually or use small wordlist of very common dirs. It is important to look at the very specific error messag…
  • Can someone help with overflow? I have working script for my local machine, but in jet machine it prints some strange characters in the middle of execution and then fails, can't understand why. EDIT: proper tty is critical. You can find methods by…
  • Hint for overflow: look at available libraries for both versions of python on jet.
  • So, does anyone know how to make machine understand queries correctly and not give "but i'm single" "select few" "err err" instead of actual words? I am using tts org with male voice. I am trying to add spaces to make a…
    in AI Comment by dontknow November 2019
  • Any hint on command's payload/action? I can do simple stuff, but if i try to manipulate potential target (found only one in dashboard) it is just not happening. EDIT: So, manipulate potential target (doing XSS) pointless indeed. Look for vulns in un…
  • Can someone help me with initial malware drop? I think i obfuscated all scary words in script, then clippy-added script to doc, but something still blocking malicious stuff. I can send you vba and clippy command in PM EDIT: so vda not needed, i tho…
    in RE Comment by dontknow October 2019
  • Could someone explain how i can interact with, i suppose, contract? I am using python script and can call function, but getting < error. And if i am sending input to this function i getting wrong number of args error, which is strange, can't unde…
  • What could possibly be done with this uploading? EDIT: Without knowing how uploading work it is really hard to highlight useful vuln from tons of strange search results.
    in Player Comment by dontknow October 2019
  • I have absolutely no idea how people guessed right way to file in process. If you are trying to enumerate all what you can, and then somehow combine it to way-to-go this is not that kind of machine, at least it is not for foothold's file in process.
    in Player Comment by dontknow October 2019
  • Clarification for foothold: if someone's script does not work - use native tool.
    in Sniper Comment by dontknow October 2019
  • Spoiler Removed
    in Player Comment by dontknow October 2019
  • Hints for foothold: e-mail field is really confusing, dont trust it.
    in Json Comment by dontknow September 2019
  • Is am writing script to interact in internal service used python and bash scripts to do it, but they both failed. Help? EDIT: If you writing script with sockets or call and it is not working - consider using telnetlib, simple and efficient.
  • I am chaining vulns for foothold, i can see what can be used for getting shell, but my script not working as i expect. Edit: if you trying to write your own stuff from the beginning and it is not working, consider using existing things on machine. …
  • Type your comment> @rholas said: (Quote) That was painful, i always trusted default pages.
    in Safe Comment by dontknow September 2019
  • Can someone give a hint for foothold? I can see special service, but throwing random stuff in it does not sounds fun. I checked for shellshocks, $(id) stuff - nothing. I tried finding something on webserver (most of my requests get cancelled, even…
    in Safe Comment by dontknow September 2019
  • Looking for help with foothold: I am trying to leak info from ftp, trying proxy-connecting from zetta to my server, but... i suppose, i can not? Or my command incorrect? Anyway, is it looking like right way to go? If yes, can you consult me how to d…
    in Zetta Comment by dontknow September 2019

Howdy, Stranger!

Click here to create an account.