rub1ks

About

Username
rub1ks
Joined
Visits
532
Last Active
Roles
Member

Comments

  • @gnothiseauton @jxPhreak Thanks for all the great feedback! @TazWake That's a great question. I suppose that it is always a good idea to get ssh keys if they are there. Although, without read access to that .ssh directory, one wouldn't know they …
  • (Quote) Happy to help! :wink:
    in Book Comment by rub1ks July 4
  • Wow what a trip. Took me a few days but I LOVE boxes like this. Custom exploitation, pouring through source code, reading pages of documentation. This is why we do it. Thank you @xct and @jkr, great box. Probably going to clean up my disgusting trav…
    in Travel Comment by rub1ks July 4
  • Rooted. If this is your first windows box, I don't know how you would figure out what it is you're supposed to do. Seems like it really would help to have some experience and know what to try. Everything I did was something new I learned. Thanks @a…
    in Sauna Comment by rub1ks June 26
  • Got root. Have to admit, was getting pretty frustrated looking for that file during user phase. Once I found it though it was pretty smooth sailing to root. Fun box. I'm probably going to back into it when I get some time and really try to understan…
  • Rooted this box. Tad frustrating. After I got passed the foothold I was kicking myself for not seeing it sooner, even looked right at the relevant information. After that, felt like you needed to make an educated guess on what to google to get user.…
    in Book Comment by rub1ks June 24
  • I think my favorite thing about this box is how much of the information you may discover early on is relevant to you later. Things I discovered and learned during the Foothold phase became quite useful during the Root phase. Also learned a lot of g…
    in Cascade Comment by rub1ks June 23
  • Spoiler Removed
    in Haystack Comment by rub1ks July 2019
  • Hint for foothold: Scope out the entire hotel, don't forget to check every "room" ;)
    in Jarvis Comment by rub1ks June 2019
  • (Quote) No. You don't need to send any emails.
    in Jarvis Comment by rub1ks June 2019
  • rooted! Good box, solid knowledge USER it's not too difficult honestly. Get creds, get in. Then google version for your route. then bypass security ;) ROOT Enumerate. Might be hard to see. gtfo DM for nudges. Let me know what you've done so f…
    in Jarvis Comment by rub1ks June 2019
  • Wow I rooted it. Definitely needed a lot of help. But I have to say @jkr, you make some sick boxes bro. I learned so much and it really was a lot of fun. user * Enumerate * sometimes you do stuff in one place.. and it changes things in another pla…
    in onetwoseven Comment by rub1ks June 2019
  • Box drove me crazy. Really cool though, not going to lie. I always hate windows boxes but I always come away knowing learning really useful stuff. Definitely updated my notes. USER: Giddy. End of story. All you should need to know. ROOT: (Image) …
    in Querier Comment by rub1ks June 2019
  • Oh man, that was a clutch root. Feels like doing parkour in cyberspace. This box was pretty fun. User was super Hollywood, and honestly so was root. Use the tool, watch what happens when a connection occurs, dig into that. It's a classic B&S. J…
    in Writeup Comment by rub1ks June 2019
  • Wow. Ended up using windows at the end there. I have an idea about how to do it without it, might try it for kicks later. User did with Kali entirely. Gotta learn about what the tastiest files to grab from a windows machine might be in order to get…
    in Bastion Comment by rub1ks June 2019
  • Popped it. Here are my hints: Enumerate the crap out of it. Find the goodies on one port, use the goodies on another port.. (google if you can't figure out how) Even MORE goodies here, try these goodies out somewhere else. after that... yup, anothe…
    in Luke Comment by rub1ks June 2019
  • Super Useful: https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/
  • Got this box finally. Little frustrating, no doubt. [USER] Old door, you’ll see something delicious. Research certs and o****sl. -> https. Learn how the site works. Find more goodies. [ROOT] Use one of those goodies. Do some googling on s*h. Th…
    in LaCasaDePapel Comment by rub1ks May 2019
  • > @yunolikeme1 said: > I am stuck on escaping the rbash section. I have read all the comments and tried to perform every escape with no luck. I was however able to read the user flag without escaping rbash so there is that. > > I…
    in Chaos Comment by rub1ks May 2019
  • Finally rooted this bloody thing. Couple thoughts: Nothing tickles my fancy quite like hacking an eCommerce site to earn the right to buy some swag. That just really does it for me. I bought everything. However, the experience on this box was less…
    in Swagshop Comment by rub1ks May 2019
  • (Quote) I wouldn't go down that rabbit hole my friend. Maybe other's got it to work but there are easier ways in.
    in Swagshop Comment by rub1ks May 2019
  • (Quote) Google's your best friend. In these scenarios I like to try "{name_of_platform} exploit" and get to scrolling. Maybe you'll find something? Also the 503's are plaguing us all. Happens when you've got a bunch of hackers hammering t…
    in Swagshop Comment by rub1ks May 2019
  • Wow oh man, I got it root. That was crazy. [USER] Harder than I thought. Thanks @fjank for that help. [ROOT] Seen some hints are here that point you in the right direction. This part was easier for me that user. Do some googling and remember who's…
    in Chaos Comment by rub1ks May 2019
  • Type your comment> @R3S3T said: (Quote) Look at the source code and answer me this: What happens to the files that throw an error? What does the code do with them? Just take your time to understand the code. DM me if you still can't get it.
    in Hint for HELP Comment by rub1ks May 2019
  • Type your comment> @trodix said: (Quote) Seems like you're thinking about it more than you need to. My advice for the decrypt function: Don't forget about the second function provided to you in the file. You'll definitely need it. Look at the h…
    in Chaos Comment by rub1ks May 2019
  • (Quote) Man I’m in the same boat. Been enumerating for almost 2 days. Can’t find these creds. My self esteem is shot lol. I’ve found like 3 things I can log into, no creds. I’ve read all the hints in this forum too, if anyone is feeling generous, D…
    in Chaos Comment by rub1ks May 2019
  • Not too bad, felt like a fool at the start trying to get user. Someone mentioned it, look at the source code and notice what happens to files that are blocked/failed. Root was too easy. I'm curious about port 3***, DM if you went that route, suppos…
    in Hint for HELP Comment by rub1ks May 2019
Avatar

Howdy, Stranger!

Click here to create an account.