Last Active


  • So... You're looking for someone to do your homework for you?
  • Sysadmin here. Been through a good number of VAPTs in our environment. As others have said, always get permission first. It's also good practice to inform the IT/NOC/SOC teams ahead of time so they don't get any surprises. I've personally never e…
  • Rooted! Very interesting box, didn't have the chance to play with these tokens before. DM for nudges.
  • This is a really fun box, despite being stuck on the foothold for 3 days. Foothold: there's another hidden service somewhere. User part 1: you need to get a flu jab. User part 2: look in the cache and you shall find your treasure. Root: ride on th…
    in Cache Comment by ricepancakes July 18
  • I use Joplin (https://joplinapp.org/) to take notes and document write-ups. It's entirely reliant on markdown/some html to format it, but you can present code in a code block with syntax highlighting. You can end up with something like this: https…
  • Not sure if this box is bugged, but I swear I was looking up and down at the website (somewhere in a****.h***) for potential usernames and couldn't find any. It was just showing up as Agent1 Agent2 Agent3. Looked at it again today and poof there it…
    in Sauna Comment by ricepancakes July 8
  • Imo it's never a good idea to completely disable the firewall on your machine. Disabling ufw works because ufw blocks all incoming by default. As long as you know the LPORT for the metasploit session, you could probably just do (Quote)
  • Finally managed to get the root flag, but couldn't seem to get a full root shell. If anyone managed to get one, please DM me. I would love to learn how to do so.
    in Magic Comment by ricepancakes July 6
  • Type your comment> @nothades said: (Quote) Try using nc instead.
  • Rooted! Not sure if this was the right choice for my first box, but it was fun. DM for any nudges.
  • The foothold exists in the x** file you are trying to access. It's also in a well known location. You just need to remove your blindfolds.

Howdy, Stranger!

Click here to create an account.