Last Active


  • do not try to crack anything user wise use grep and look forensics wise at your d****r p*** and when u overlay to something useful you will see the mess of the ctf like setup he talks about
    in Registry Comment by wabafet October 2019
  • i figured this out after a great hint from rolas without spoiling it for me you just need to remember the context of what your requesting and why and once that request is successfull usually during a good hunt people set loose their bloodhounds to …
    in Forest Comment by wabafet October 2019
  • I wouldn't call it hard but easy far from it maybe medium but i had to learn a bit today to do this very happy lets say its not hard or easy . Im about to grab my user flag my friend and i worked together and he got his but i asked to suffer so i …
    in Registry Comment by wabafet October 2019
  • That was an interesting journey to user nice trick to the tool belt thanks authors
    in Forest Comment by wabafet October 2019
  • Type your comment> @tabacci said: (Quote) Well to say this it took about 1 hour 19 minutes to get the password cracked than it took me about 10 seconds to spot the hole in the python code for A**h.*y I am not trying to sound like an ass but the …
    in Smasher2 Comment by wabafet August 2019
  • the comment in the hints I found were more like it was a misconfig for ghidra not the actual RCE due the the xml parser just my 2 sense
    in RE Comment by wabafet July 2019
  • as with everything poc||gtfo print(rex) function lambda at 0x7f8eaf155378 sorry had to strip the things out filters ;(
    in Ellingson Comment by wabafet May 2019
  • this is the coolest challenge i have done ever Not only do I love the hackers movie from my younger days but what the hell that bug is so off the wall i got lucky as hell patreon hats off to you boys ;) for teaching people like me how to find thing…
    in Ellingson Comment by wabafet May 2019
  • just a question why are we constantly starting a discussion about a box that is 23 hours from release just curious
    in Ellingson Comment by wabafet May 2019
  • My only complaint is we are in 2019 we shoudn't really be ctfing a box with a 4 year plus vuln when there is a pretty decent exploit just released. I understand this was done for simplicity reasons but considering the vuln you used is mad old and …
    in Swagshop Comment by wabafet May 2019
  • Type your comment> @SamBugler said: (Quote) what you may want to do and i know im going to get in trouble for this lol Reset it 2 times in a row i did and now it pops every attempt feel free to pm me maybe your command is wrong this gave me an…
    in Ghoul Comment by wabafet May 2019
  • ya i checked i expected there to be some kind of poc this has to be pretty trivial if they are guarding it so well not easy but pretty reliable exploitation would occur I think i'm grabbing server 2019 now to see if I can manage to get some tools l…
  • if you can find a little more info on it and pm me but in this scenario I only see checking the diffs on the files effected by the patch to be our solution in figuring this out sending the email to the system and waiting to see if you can spot the d…
  • @p0wn3y What I am seeing is this 1.) The harder the box the more I learn 2.) The problem allot of times with CTF is things are right under our noses so we are learning to enumerate, which is the foot printing stage. I would say the insane level c…
    in CTF Skillset Comment by wabafet May 2019
  • wow I must say after fixing the netcat issue and using the correct method and landing a shell as user during the exploit I was able to without adding any keys execute a privesc and achieve root shell but after that it took no more than 15 20 minutes…
    in Ghoul Comment by wabafet May 2019
  • Holy Sh** this is crazy I finally got a shell trying to get myself onto there for root pivot this is no joke lol
    in Ghoul Comment by wabafet May 2019
  • Type your comment> @MinatoTW said: (Quote) I am currently having trouble with root but I am not sure of I am supposed to be bruting *it ? very good challenge bro either way whether its hard or not nothing is ctf about this box that is what you …
    in Ghoul Comment by wabafet May 2019
  • Type your comment> @Glasgow said: (Quote) no the upload is not a rabbit hole I assure you I just championed the upload and have landed a shell Now this is at the creator about your clue to ignore /var/tmp does the nsa or encryption have anythin…
    in Ghoul Comment by wabafet May 2019
  • Type your comment> @MinatoTW said: (Quote) where are my file uploads landing is that a rabbit hole for the secret art site
    in Ghoul Comment by wabafet May 2019
  • @danymogh there's a definite fine line that can be walked and still be considered research and or ethical but what I meant is if you use the handle somewhere else someone may google just to see who u are and see this could be a good thing is all i'…
  • hey is the .vhd a rabbit hole i keep getting booted trying to grab it any suggestions?
    in Bastion Comment by wabafet April 2019
  • I don't see why that is a privacy concern You should hope its indexable if You want a job having proof of your skill publicly is not a bad thing
  • Type your comment> @rootk1d said: (Quote) nope not a rabbit hole you can view with netcat and figure out what is going on here upstream proxy as well as a little local host editing should get you on the way I was also told env_k*** works but i …
  • @MinatoTW said: (Quote) Nice bro never seen that before
  • Type your comment> @GordonFreeman said: (Quote) remove the directive in firefox on network settings for proxy to bypass for I had same issue box is very unstable waiting two days for this to work so i can go for root me and 3 guys wer…
  • make sure you are using the correct user > @Vex20k said: (Quote) make sure you are using the correct user i do this every time by accident so far on this so make sure its not the first sftp person
  • Spoiler Removed
  • I am getting sftp connections only allowed after trying to view the admin page
  • Ok I will lend a hand here when You are working with mysql and PDO there are a few options that can be provided to the script to alter things and where they run from etc You have to always think like this user input = sink Anytime You have a user…
    in Kryptos Comment by wabafet April 2019

Howdy, Stranger!

Click here to create an account.