Last Active


  • Really enjoyed this challenge and learned lots about Python 2 (shame that it has just entered EOL so some of the learning feels a bit wasted). I took to blindfolded sleeping to exfiltrate my flag, one wink at a time. But it looks like there are dif…
  • I used a bash script, but forgot about removing newlines when preparing the payload. This resulted in me thinking the WAF was blocking requests over a certain length (and me wasting hours) 🤦‍♂️ Apart from my stupidity, it was a nice challenge.
    in [WEB] ezpz Comment by job0 January 21
  • What a fun box, defiantly learned lots during root - at times it felt like playing a game of Towers of Hanoi :) Also, user was another lesson in turning over every stone and looking underneath. Thanks @MrR3boot & @b14ckh34rt for the box!
    in PlayerTwo Comment by job0 January 15
  • I dont think this challenge is as bad as the above comments make out. Yes the hints are terrible, and yes I'd prefer more modern crypto challenges, but the actual meat of this challenge practices basic skills. @WarrenVos - (and any one else having …
  • Really liked this challenge. Techniques for both parts were new for me and I learned lots, although I lost my weekend :)
  • This was really quite a fun machine and learned lots. I thought I would find it easier after finishing all the RE challenges, but it uses different techniques. Thanks @R4J Nonetheless, I quite liked the way the vulnerable function is abused to get …
    in Rope Comment by job0 November 2019
  • Really enjoyed this challenge, lots of learning and a few headaches :) For me, it was getting over the first hump was the hardest. Afterwards the rest flows fairly naturally. I used mainly GDB and Ghidra.
  • Thanks @MrR3boot , learned couple things :) The route to user was quite fun (and thankfully it was not as much trouble as Player). I quickly found my way to the "under construction" page, but got stuck there for some time. For anyone else…
    in Mango Comment by job0 October 2019
  • Really nice machine that learned lots from, thanks @egre55 & @mrb3n . Took me a few days as I have zero experience of AD environments (I've been hiding in the world of Linux for far too long :)). But there are easily enough hints in the first f…
    in Forest Comment by job0 October 2019
  • Rooted. I spent far too much time on Priv Esc due to a missing character white space character in my script, assumed it didnt work and went back into enumeration phase :( My hint for rooting is that after you find the thing to exploit, take the in…
    in Bankrobber Comment by job0 October 2019
  • Really enjoyed the machine. The couple places where I got stuck, after reading this forum the answer became clear ;) For those couple points, I kicked myself for missing them as it really is the basics. Thanks @askar
    in Wall Comment by job0 October 2019
  • Finally rooted after almost a week. Thanks @0xdf I found it an enjoyable machine and a learned lots from it, almost every step of the process was new to me as this is only my second Windows machine. Generally the whole process seemed quite realisti…
    in RE Comment by job0 October 2019
  • (Quote) In Linux, once you have SSH you can always use SCP for file transfer. Failing that, set up a mini web server on your machine and use wget/curl. Or even, just use nc and pipe it.
    in Writeup Comment by job0 September 2019
  • Rooted. Technically it is easy, but its not obvious. Thanks, it is a nice machine!
    in Writeup Comment by job0 September 2019
  • Rooted. This was my first windows machine attempted so was a serious learning curve. Thanks :smile:
    in Heist Comment by job0 September 2019
  • Just finished, my first on the site :smile: Just a quick question. I was wondering, at some point in the process I decided to use ssh (by setting a key), but after about 5 minutes connections reset and all the temporary files would be gone. But the…
    in Jarvis Comment by job0 September 2019

Howdy, Stranger!

Click here to create an account.