jimmypw

About

Username
jimmypw
Joined
Visits
300
Last Active
Roles
Member

Comments

  • Are we sure this challenge is viable any more? I get taken in a loop of dead links.
  • I don't know why I found this box so hard. I was definetly over thinking it, I got stuck on just about every dead end imaginable. Somebody mentioned creating a flask app to automate the last step by proxying another tool. This is a great tip and de…
  • It turns out that I had the flag very quicky but for whatever reason it did not work, perhaps I noted it down wrong. Nothing more to add beyond what has already been said.
    in debugme Comment by jimmypw August 30
  • I really enjoyed the ides of this box but the implementation seemed buggy. I learned a lot from user on this box, root not so much. I had to reset the box twice on that last step as I managed to get in to a state where it no longer responds. Waitin…
  • Finally rooted. I have nothing left to say about this box.
    in AI Comment by jimmypw December 2019
  • Rooted. That was fun.
    in Smasher2 Comment by jimmypw October 2019
  • I have mixed feelings about this box. On the one hand it involves some some classic windows vulnerabilities. On the other I would consider the pre-requisite knowlege too high for a meger 20 points. That box was all new to me and I have discovered s…
    in Forest Comment by jimmypw October 2019
  • Rooted, CTF like in places. Once you get past the initial guessthebox it flows pretty nicely. I likes how you're constantly combining information in new ways to get new leads.
    in Player Comment by jimmypw August 2019
  • Rooted, ctf-y but fun. Tip for user * please don't leave the answer lying around. Tip for root * use your keyboard
    in Networked Comment by jimmypw August 2019
  • That was superb. I learned so much from this box and while I have always known about a lot of the vulnerabilites I have never made the effort to test them out, until now. If you need a pointer shoot me a PM
    in Kryptos Comment by jimmypw August 2019
  • THIS BOX GOES ON FOREVER! Edit: rooted This box was waaaay too long. I've been at it over a week and even with some pretty substantial tips there were times where it just seemed there was no way forward. It's not hard, its just annoying,. That said…
    in Ghoul Comment by jimmypw August 2019
  • I think understanding the Linux 64bit application binary interface helps. The Wikipedia page contains plenty sufficient information. I'm no assembly programmer but I understand the ABI and it makes sense to me.
    in Rop Comment by jimmypw July 2019
  • Had problems getting the exploit to work properly despite being verified by some users. Ended up having to do it manually and I'd love to know why my original code didn't work if you're up for debugging it with me. PM Me
    in Safe Comment by jimmypw July 2019
  • I enjoyed that. There were several "wtf now" moments and getting the payload to work without any feedback was infuriating. PM if you need hints.
    in Craft Comment by jimmypw July 2019
  • That.was.exhausting. Talk about being thrown in at the deep end. PM if you need hints.
    in Ellingson Comment by jimmypw July 2019
  • To those that are having problems getting pwntools to receive output from the binary I suggest you read this: https://github.com/zachriggle/pwntools-glibc-buffering
    in Ellingson Comment by jimmypw July 2019
  • Type your comment> @ScreenSlav3r said: (Quote) Cheers i've pm'd you.
    in Ellingson Comment by jimmypw July 2019
  • Type your comment> @rallyspeed said: (Quote) I'm battling with the exact same issue here. When run in gdb manually it works fine, when using pwn it just hangs, not doing anything. I even checked to make sure that the prompt wasn't being sent to …
    in Ellingson Comment by jimmypw July 2019
  • If you think you have a flag but it's not working. Case Matters.
  • That was awesome, just beware of the trap, I certainly fell in to it. Drop me a PM if you want pointers.
    in onetwoseven Comment by jimmypw July 2019
  • Not going to lie. My first attempt I wrote a lengthy script that cross referenced data from one index to the other looking for clues. It was almost complete when I saw the relevant gibberish by chance. The second half was far more interesting and a…
    in Haystack Comment by jimmypw July 2019
  • That last exploit was really winding me up. I noticed the vector almost immediately however exploiting it proved to be far more challenging than I had expected. To those stuck in a hole i say - it's not Eeyore's fault.
    in Writeup Comment by jimmypw July 2019
  • I've been sucking at this for way too long. I see the exploit, I am on the right PATH but the process is ignoring my advances. Any tips?
    in Writeup Comment by jimmypw July 2019
  • Once you get over the enumeration hurdle the rest of the box is quite fun. There are a few dead ends but you figure them out quite quickly. You will acquire many sets of credentials so there is a good opportunity for brushing up on your hydra skills…
    in Luke Comment by jimmypw July 2019
  • Type your comment> @jimmypw said: (Quote) Never mind, I overlooked something. I'm back on track!
    in Redcross Comment by jimmypw April 2019
  • I need to be pointed in the right direction here. S** I********* are not my strong point. I can see there is one when logged in with g****:****t in the L***T C****e but i am stumped how to get anything useful out of it.
    in Redcross Comment by jimmypw April 2019
  • I disliked this challenge at first. It gets better as the challenge progresses. Obtaining root is particularly interesting as you do not obtain a shell per say but doing so should be possible.
    in Teacher Comment by jimmypw March 2019
Avatar

Howdy, Stranger!

Click here to create an account.