Last Active


  • Having a lot of trouble getting the shell manually. I'm aware of the POCs and I think it's pretty clear what they are doing. My problem is this: I send a request to upload an image with an acceptable file extension. I capture that request in bur…
  • Hoping someone can point me in the right direction with the reverse shell for user. I actually already have the user flag. I'm logged in, I'm using the better version of the exploit, I'm able to execute single remote commands with it and get the o…
    in Remote Comment by shotop April 2020
  • Is the r**** service down for anyone else? I'm noticing I'm unable to do a full nmap scan on the box and when i try to use the r****-c** tool to connect to that service, it just hangs. I reset the box, but still seeing the same behavior.
    in Postman Comment by shotop March 2020
  • Type your comment> @134k said: (Quote) OMG - I took your suggestion, restarted, and now things are SO MUCH better. FML I thought the constant restarting was part of the challenge. THANKS! Edit: Got root. Feeling great right now. Thanks for a…
  • I feel like this box is really difficult to work on - not because of the challenge of finding the user and root flags, that part is awesome, but because it keeps resetting. I feel like I log in, import a more stable python shell, and then maybe hav…
  • Finally got user thanks to very kind help from @Darvidor and @kalitkd. I wrote my own "crack" method for the crypto which only got me about 95% of the way there. The algebra approach was better. Then once I got that working, turns out I …
  • I'm at the exact same point with the crypto. I wrote my own "crack" method that results in the key a********ov, but when I use it against the check file, it yields a slightly different output from the out file. It's like 90% of the way t…

Howdy, Stranger!

Click here to create an account.