Last Active


  • Just wanted to thank author @st4ckh0und for making such great challenge. Took me 3 days straight to analyze. Lots of notepad text and will probably have to replace F8 on the keyboard :)
  • @VbScrub thank you very much. Amazing box that requires various skills. Would never call it easy, mostly because it covers many aspects of pentesting (enumeration, reversing, code reading, encryption) Had real fun solving it
    in Nest Comment by keyos1 January 2020
  • Hope it's not spoiler. It took me a while to find the correct libc The correct package version for it is: libc-bin_2.23-0ubuntu9_amd64 It can also be found inside ubuntu-16.04.3-server-amd64.iso (That's how I found it) I'm not sure if the author re…
  • Spoiler Removed My bad. Never thought this could be tagged as spoiler.
  • What a fun box. Thanks a lot to @Gioo & @Cneeliz for the journey I learned a lot during the user stage Root part was too simple imo The need to reset the box every time the service crashes (and you know it will crash a lot) was a bit annoying …
  • Thanks a lot @Cyb3rb0b for such a nice box. Got root using both lazy (Thanks @TsukiCTF for mentioning his repo. It actually took more than 5 minutes, but who counts :)) and the slow (intended? way) Loved the slow way much better as it requires you t…
    in Json Comment by keyos1 September 2019
  • Amazing box. I wasn't frustrated that much because of all the information this forum already had. There were couple of moments that I thought are too far fetched, but overall I think it can happen in most real life scenarios when people reuse their…
    in Ghoul Comment by keyos1 September 2019
  • Definitely need help advancing. I'm after login screen for about a week now :) Got all the .php files, enumerated sqlite, no idea how to proceed. Will appreciate any help. Thank you Edit: Thanks to @Pilot51 for the help with getting the foot down. …
    in Kryptos Comment by keyos1 August 2019
  • First of all I have to thank @MrR3boot for creating such a challenging box. I've had so many knowledge gaps during the research of the box that it took me several discord chats and more than a week of research/frustration/little wins to actually co…
    in Player Comment by keyos1 August 2019
  • So I've read all the comments, enumerated vhosts, files (at least I think so), saw the error for a short time :), but still can't figure out how to proceed. I'm pretty sure I'm missing some piece of information to advance. Will appreciate a nudge. P…
    in Player Comment by keyos1 August 2019
  • Type your comment> @Ripc0rd said: (Quote) Ok, I actually took some time to explore and found out that hashcat expects a bit different format for the hash depending on type of encryption and whether certain feature was used. See example hashes ht…
    in Safe Comment by keyos1 July 2019
  • Type your comment> @Ripc0rd said: (Quote) 6 hashes means you understand what you're doing :) Now try using the original tool the hashes were intended for instead of hashcat
    in Safe Comment by keyos1 July 2019
  • (Quote) If you have only 1 hash then you're missing some information on how this app works. Read about various ways and see how you can produce more than 1 hash. When you have this you'll get the creds really quick
    in Safe Comment by keyos1 July 2019
  • Type your comment> @tang0 said: (Quote) There's no b****h string in the binary, so whatever you're doing doesn't seem to be exploitable on remote side (because if you're doing what I think you're doing you don't know the right address of that st…
    in Safe Comment by keyos1 July 2019
  • What a box. As others say it's probably the most interesting box I've seen (although I'm a n00b) Thanks a lot @jkr I can't even begin to imagine how difficult is to plan such a box Thanks again
    in onetwoseven Comment by keyos1 July 2019
  • Just wanted to say thank you to @askar . This was definitely not an easy box for me. The user took me 2 days ( 4 hours each probably) and I was on the right page pretty fast. During this time I learned a lot about PHP LFI/RCE and that nmap actuall…

Howdy, Stranger!

Click here to create an account.