Last Active


  • Spoiler Removed
  • That was a fun one. Bootie Rootie in about 2hours, yay! Learned a ton about the stuff involved with the privesc too.
  • Super fun box, very straightforward and the machine felt "lived in" which is nice. I am so rusty and made so many dumb mistakes, but 2'ish hours isnt too bad from boot to root after 6month break. yay learning! Foothold: enum the main serv…
  • Super fun so far, I love boxes like this! Got the o--th login working, played with the c--- tok---, but havent gotten any real juice yet. Im down to compare notes with anyone that is stuck.
    in Oouch Comment by emmycat March 2020
  • After I finish pwk and take my oscp exam Im down to join. I should be finished, or atleast do my first exam attempt, before the end of the month. I cant do HTB stuff until im done though.
  • Sure, sounds fun! Count me in.
  • Type your comment> @theonemcp said: (Quote) The empty file might not actually be empty. Maybe you should get ALL the INFO. :p
    in Nest Comment by emmycat January 2020
  • Ive got 8boxes in PWK so far. Still havent found a network key yet though. Im just doing cherrytree for now. Ill go back and take screencaps before my time is up. PWK/OSCP is 100% worth every penny. I love it, but their webui's look like theyre fro…
  • .deleted
    in Nest Comment by emmycat January 2020
  • Super fun box, however its not an easy box whatsoever. Ive been going my own route and not using the unintended path. I havent baked a cake in awhile, it was really rewarding. F' the language that some of the juicy stuff was written in though... Tra…
    in Nest Comment by emmycat January 2020
  • This box is a very chonky boy. (Image)
    in Patents Comment by emmycat January 2020
  • My three cents: -Install DVWA on a VM (or in docker) before your exam begins and start practicing. This will help to understand what vanilla vulns are already built into DVWA, as the hiring party will probably throw their own custom stuff in there. …
  • Root was super fun and I learned a bunch! My hunch was right in regards to A***E. The POC code from a certain three letter handle on github is a steaming pile trashbutt. I had to rewrite most of the POC script, but it worked in the end. Getting root…
  • I tried "guessing", then I got really really (really) dumb about password management. Got access to one "user" and found a neat file in another users directory with a very common tool (that isnt evil). Then I found a crumb that w…
  • Just snagged user in 57min! I learned some neat and new stuff, thanks to the creator of this box. I think ill grab root another day.
    in Registry Comment by emmycat January 2020
  • I had a lot of fun with this box. Dry January depression is in full swing and I needed some kind of win/success today. I started working on this box at 235PM and finished it at 427PM, and I suck at this stuff. Yes, its a pretty easy box, but it rein…
  • Root was crazy easy, but im glad I learned about this tool. Just RTFM and enum the GIT. Yaaaaay! PM me or hit me up on discord if you need help with this box.
    in Craft Comment by emmycat December 2019
  • I finally got user! I was making way more out of it than I needed too :p Now I just need to figure out how to manipulate this V***T tool to get that sweet juicy rooty tooty fresh and fruity flag.
    in Craft Comment by emmycat December 2019
  • I finally got a reverse shell. Thank you so much to @dirtyred for the reminder on the imports :p
    in Craft Comment by emmycat December 2019
  • Found 8***, tried different injections on the forms, tried running a dict against the t***p stuff (POST and GET, no joy on either). Played around with the sessid stuff, but that did go anywhere. S*****-S****S throwing a 403 looks interesting, but im…
  • Spoiler Removed
    in Craft Comment by emmycat December 2019
  • I had a nice plate of COOKIES, but my FLASK wasnt as full as I wanted; it was a thirsty SESSION. I hope I dont BURP. My brain hurts and this is a really tough challenge, but im learning a bunch. Oh jeez, having a bunch of, a buncha fun. Oh man.
  • Im able to clear the first error. Getting stuck on clearing the second error. Guess im just gonna have to... T R Y H A R D E R *rolleyes
  • User was 10000% harder than root on this one. Shell: SGT Google gave me the PoC to run some RCE. Its pretty simple and you are able to get revsh with it pretty easily (a revsh capable tool is already installed on the box). Ran basic enumeration and…
  • I had so much fun with this one! I learned some new stuff, and even found out that ive been writing my PHP wrong for years @[email protected] Some fresh and lovely hint cakes: -Dont dirb or gobuster, its a waste of time and resources. -Try some standard web file…
    in Grammar Comment by emmycat June 2019
  • Type your comment> @dividebyzer0 said: (Quote) Best comment ever :3 I needed a laugh today, thank you.
    in Writeup Comment by emmycat June 2019
  • Thanks for the info. Im going for OSCP after summer. So in the meanwhile im practicing on here and a little virtual lab at home. Does the exam throw anything at you that is not covered in the PWK course? Or, is it a direct application of what you le…
  • I had a ton of fun with this one. Some hints: -BUSTER, you better get some PAD thai for lunch -Then youll have a SUITE of gaseous emissions out of your mouth; excuse your belches. -Try hard, and be patient because running the first hint can take aw…
  • The 503s are driving me crazy. Please stop being dumb, k thx.
    in Swagshop Comment by emmycat June 2019
  • I had a ton of fun with this one. User flag was redonkulously easy, after I stopped overthinking the FTP issue (brute force isnt necessary). Root flag took a bunch of research and thinking asymmetrically, but it wasnt too bad in the end. User flag …
    in Netmon Comment by emmycat May 2019

Howdy, Stranger!

Click here to create an account.