Last Active


  • Type your comment> @Nihlander said: (Quote) Same, not liking this one already.
    in Wall Comment by koredump September 2019
  • Ha. Root was fun. pwntools didn't want to work with the local binary, so I went straight to remote... PM if you need help with this. Helping others helps me learn.
  • Pretty easy but fun. Seemed like there were a lot of different ways to accomplish things.
  • Rooted. Plenty of hints here.
  • Root took 10 seconds after getting user... perhaps it's because I thought learning the tool was required for getting user since I didn't see the *** key right away in the repo...
    in Craft Comment by koredump September 2019
  • Not sure what I did wrong for root but... when I grabbed the things, I either had nothing useful, or using the full option I got back far too much information (436 MB) that took a while to parse through.
    in Heist Comment by koredump August 2019
  • Finally rooted. What a fun one! This was the first time I attempted a new box that didn't have many hints, but that turned out to be an experience.
  • Got past the w**** thing a few days ago using s***ap, there's a way to do it, you just have to hack some things together. For the initial foothold, consider everything. If you see something that is interesting but you're not sure what to do with it…
  • Lots of stuff to look at once you find them... not sure which route to pursue.
  • Saw the answer within a few minutes of starting after changing the code to print out the value user input is compared with. Solved it a few hours later after trying every possible value as the password. Still not sure why the correct answer was wha…
  • @miccah said: (Quote) Finally got the B*F after reading @miccah's comment. Just a little tweak got a working local exploit to work remotely as well, ignoring ASLR. Root was easy but a little frustrating at first. Feel free to PM me about the BOF;…
    in Safe Comment by koredump August 2019
  • (Quote) Sure, anything that can talk HTTP should work.
    in Carrier Comment by koredump October 2018
  • I was held up on user due to the fact that my initial Nmap ended prematurely. Got root! It was quick and easy once i realized what was going on, and thanks to the hints in this thread. I think I got root in a slightly different way, based on the w…
  • I am somehow stuck... I have some initial creds, I have read some things, I have pulled some files, but it's unclear how to proceed to get shell/filesystem access from here. Found something that could give RCE, but not sure where to actually find it…
    in SecNotes Comment by koredump August 2018
  • Thank you for the opportunity to learn about something during priv esc. That's actually really cool and I might play with it more in the real world. Indeed, pivoting to the M user did feel like a bit of a stretch. I'm glad I searched for other file…
  • Rooted. The mind works in weird ways... got nothing for privesc all day staring at it, but once I went to bed, I figured it out in minutes. This thing really is a source of tunnel vision. PMs ok. And I did get a root shell, but you don't need to.
  • Wow that was cool! Once I found the right tool, it was fairly straightforward. The second part tripped me up because I also got "ERROR: All of the responses were identical", but I removed the extra parameters I had added that time and it w…
  • Wow, rooting this thing was truly the quickest and easiest part. (Quote) All the information you need is in the hint. Look at some things you might do to acquire information during a pentest.
    in Olympus Comment by koredump June 2018
  • I had fun on this one! Was so happy when I saw what I was given for root esc. Unpriv to user took a bit, but once I became familiar with the tech and stopped overthinking, it was easy. (Quote) As said before, look at what is going on and what you n…
    in Canape Comment by koredump June 2018
  • As others have said, the initial password is really easy (an HTB default). However, it took me about a day to get in because people kept changing it. Kinda frustrating, since I knew I had it from the start.
    in NIbbles Comment by koredump June 2018

Howdy, Stranger!

Click here to create an account.