Last Active


  • I ended up getting through it, don't know if it was a misconfiguration or not. user: Rather than following the walkthrough or yeeting typical payloads to catch a shell, I downloaded a nice common networking tool onto the box and used that instead. …
  • Rooted - big thanks to @ChefByzen for this box. I don't want to give a spoiler - one of the common enumeration tools is supposed to detect an issue with this machine, but there's a bug and the test didn't work properly. I've raised an issue and sub…
  • Thanks for the box - I wouldn't have gotten it without some of the hints in this thread, but that's because I learned a couple of things! Hints are pretty good. I will emphasize that you shouldn't need to brute force anything / use dictionaries etc…
    in Nest Comment by smidgey January 2020
  • Hey thanks a lot for the box, it's really logical and I learned a bit (yes I'm a noob). user: I cracked a very easy thing, but fell into a trap for a while trying to crack something much harder which was not necessary. Knowing how things are config…
  • Hey thanks very much for this box, I had a great time working on it and improved my workflow + learned a couple of things. The box is nice and logical and it held my hand just enough to let me walk through it at my own pace. My only advice is to al…
  • This was a really well-crafted challenge. Each part followed on from the last nicely as you work through it, and it all made sense. Kudos!
  • Really struggling to get past /u**s/l****.h* at the moment. I've enumerated pretty hard and seen a bunch of hints I'll be damned if I can guess my way in. Did some wordlist building with cewl and let hydra run at it for a while. I'm currently going…
    in Ghoul Comment by smidgey August 2019
  • Finally got user, looking forward to taking it further to root! Found this box to be really neat / logical and got from enumeration to foothold without any real missteps which is a first. I identified the interesting thing for getting user, but mis…
    in Jarvis Comment by smidgey August 2019
  • wooooo rooted. Really enjoyed playing with the stack, learned a bunch of stuff. Didn't much enjoy sifting through the haystack but c'est la vie
    in Haystack Comment by smidgey August 2019
  • I really enjoyed the hell out of this box. I think mostly I learned that sometimes enumerating harder means looking more closely at what you already have rather than searching for more.
    in Writeup Comment by smidgey August 2019
  • Hi @StayNe thanks for the updated clue - definitely made the challenge achievable. False starts aside, I enjoyed this challenge for a few reasons. I got to confirm my analysis techniques when looking at something new / unseen. It turns out that mos…
    in August Comment by smidgey July 2019
  • Type your comment> @Rainerd said: (Quote) I put on my tinfoil hat for a bit this evening and assumed they might be chemists and the the "Ne" in "StayNe" might mean Neon. This took me down a rabbit hole of chemical compound no…
    in August Comment by smidgey July 2019
  • I'm playing with a few ideas at the moment - is it fair to say that when deciphered, the total contents of flag.txt are not a single base 64 encoded string? Is there anything else you can say about who August + Chris are without giving it away comp…
    in August Comment by smidgey July 2019
  • You can pull out all the strings with that popular tool, but not with the default settings.
    in Matrioshka Comment by smidgey July 2019

Howdy, Stranger!

Click here to create an account.