Obscurity

Getting gobuster errors with the URL, any idea about the resolution?

“Unsolicited response received on idle HTTP channel starting with “\n”;”

Rooted :slight_smile: Cool box, learned a lot. Need help? Just PM me :wink:

I’m having a hard time figuring out how to exploit the SSS.py script. Can somebody pm me?

Recently rooted! The foothold and root were very enjoyable for me.

My hints for all you fine people:
User: Get creative, read between the lines. Tools weren’t really necessary. Finally, try to understand the math behind it all.
Root: Very straightforward. You’re trying to win the race without the usual tools.

Feel free to message me if you need any hints or nudges!

I need a nudge on the sss file. I understand where the weakness is, but I struggle with the syntax especially due to " " ← these.
Could someone pm for a nudge? thanks

@guanicoe said:

I need a nudge on the sss file. I understand where the weakness is, but I struggle with the syntax especially due to " " ← these.
Could someone pm for a nudge? thanks

Maybe you should think of how SQLi works, it starts with ’ so ends with ’

GotRoot!

Overall I liked this box a lot, not too hard but forces you to be creative in certain spots. For initial foothold, use what you know and look into tools such as ffuf to try and get what you want. I really liked the root priv esc, thought it was clever. If you need help PM me for a nudge :slight_smile:

Hi. Using wfuzz and dirbust at the start of the box, I can’t find the location of the SSS.py file. Maybe it is a hidden (dot) directory, I think, but again nothing.
Could you give me a hint? Thanks

@J4c said:

Hi. Using wfuzz and dirbust at the start of the box, I can’t find the location of the SSS.py file. Maybe it is a hidden (dot) directory, I think, but again nothing.
Could you give me a hint? Thanks

ah ok, I found it :smile:

Need some help with my initial RCE. I’ve got everything working on my local machine (able to send a rev shell and execute whatever command), but when I try it against the target, just about everything fails, but I’m able to ping myself.

If someone could take a look at what I’m sending and tell me why it’s failing, I’d really appreciate it.

EDIT: Disregard…figured it out.

EDIT2: Got it rooted. Very cool machine that’s pretty CTFish but it was an awesome reverse engineering exercise. Here are some hints:

Foothold - Find the interesting script mentioned. Then figure out where it’s vulnerable. I recommend getting it working on your own machine so you can see errors and effects, and then trying it out with simple networking commands on the target. Remember print statements to help out with debugging.

User - Fairly simple…pay attention to the files you’re given, and what the script is actually doing to its inputs.

Root - This one was pretty cool…be mega fast and maybe you’ll get some juicy info!

Really enjoyed this box, thought it was a bit easy for a medium, but a great intro to custom exploit boxes for someone like me.

Initial foothold: you’re given partial info, then I used ffuf (GitHub - ffuf/ffuf: Fast web fuzzer written in Go) to fill in the blanks. Once you find it and have seen something interesting, Burp repeater comes in handy.

User: Should be self-evident what the “interesting” thing is, now it’s a case of reversing what it does to extract the important info.

Root: Not quite so obvious, check what your user can do, then figure out a way of grabbing the important data.

Also wanted to add that I found running code locally with print statements very useful at each stage from initial to root. Use your own box as a testing ground.

I ran dirb on port 8080 with the common wordlist and I got nothing.
Help, I’m a noob

Rooted!

Fun box, my python certainly needs work but the forum sure helps understand where to look.

Rooted!
Now I’m ready to help.

rooted! really nice machine!

Tips:
User: try to look which command can be a little problematic and use that for your needs.
Root: while you found the specific file, read it carefully and understand it.

Can tip in private if anyone needs!

Hi, can anyone help me with the initial foothold? I have sss.py and I know the vulnerable function, and I wrote simple py code to give to this function, but it didn’t work. I don’t know where I went wrong.

Edit: rooted. Thanks @mor2k1

@sh4d0wless said:

Hi, can anyone help me with the initial foothold? I have sss.py and I know the vulnerable function, and I wrote simple py code to give to this function, but it didn’t work. I don’t know where I went wrong.

Wrote you in PM :slight_smile:

I’ve rooted it
It’s a funny box
Thanks @clubby789 :slight_smile:

root@obscure:~# id
uid=0(root) gid=0(root) groups=0(root)

Finally. The foothold was a pain for me, the rest was really easy.
PM if you need a nudge

[thanks @ChefByzen ]

It’s been a really funny box so far, but it’s a ■■■■ nightmare to get a shell that isn’t clustered with unknown errors or that simply stops working. Is every box like this because it’s Sunday, or is this one particularly overloaded or anything? I’m pretty sure I’m on the right path to root but it’s just impossible to do anything :frowning:

Edit: Finally rooted. I waited for the day after and it was fine, I could type some commands without having to wait two minutes to get the output ^^
I enjoyed this box a lot, it really makes you think about what’s happening and not blindly run tools. Foothold was a bit of a pain to get the correct syntax, user was really cool. Root was fun as well, even though the only way I could think of getting it was a really ugly one (there’s no clue in that, I did use a really ugly method).

Thanks @clubby789 !