User was great idea but the execution a bit problematic. I’m not saying author didn’t do his job right, but there are bugs where they shouldn’t be.
(or I was doing everything wrong with online tts services)
The worst part was: one of the suggested words for important query from hints page was not working well, so speaking native command was the solution.
Root was good, but I didn’t get rev shell.
I ended up just extracting the root.txt and reading it.
The initial foothold is becoming beyond frustrating. If someone is open to offering some advice over PM that would be great. I think I have tooling and syntax mostly down but having some issues getting an initial special character to be spoken (if that’s not too spoilery).
Not loving this box… I get the fun idea of using AI as an attack vector, but it’s simply not stable enough and shouldn’t have been implemented, in my opinion. I think I’ll just let this one retire and move on, it’s not worth the time because I’m not learning anything.
@MrR3boot - Re: “Could understand the pain. Remember No pAIn No gAIn. Honestly put lot of effort to make this one. Not sure how it received by the audience…”
Thanks for the pain!!! Learned a lot! The effort to mind-f*** us shows! j/k. It’s a great box that at times made me want to chuck my keyboard across the room.
To everyone else, keep trying, keep pushing, if I can get root, so can you!!!
@MrR3boot - Re: “Could understand the pain. Remember No pAIn No gAIn. Honestly put lot of effort to make this one. Not sure how it received by the audience…”
Thanks for the pain!!! Learned a lot! The effort to mind-f*** us shows! j/k. It’s a great box that at times made me want to chuck my keyboard across the room.
To everyone else, keep trying, keep pushing, if I can get root, so can you!!!
@Swerzi said:
Not loving this box… I get the fun idea of using AI as an attack vector, but it’s simply not stable enough and shouldn’t have been implemented, in my opinion. I think I’ll just let this one retire and move on, it’s not worth the time because I’m not learning anything.
If you feel its not stable maybe you didn't get the whole concept yet. Just try harder
Rooted, Finally … the root part need to read about the Vuln, don’t do it blindly, read and try to understand how the exploitation process works, for me took time to do that, but after that the exploitation process for root is stable, root part let me think out of the box the most part I get enjoyed in. Many thanks @MrR3boot .
Really struggling to find a TTS engine that isn’t misunderstood by the recognition. I’ve tried every TTS implementation I can find from a certain company mention on a very “intelligent” page on the box, but they all seem just about as terrible as the others…
If anyone has any suggestions on TTS engines to try…it would be appreciated
root@testies:~/pentest/labs/htb/AI# nc -lnvp 1234
listening on [any] 1234 …
connect to [10.10.14.32] from (UNKNOWN) [10.10.10.163] 53514
bash: cannot set terminal process group (12249): Inappropriate ioctl for device
bash: no job control in this shell
root@AI:~# id
id
uid=0(root) gid=0(root) groups=0(root)
root@AI:~#
@Icyb3r said:
Rooted, Finally … the root part need to read about the Vuln, don’t do it blindly, read and try to understand how the exploitation process works, for me took time to do that, but after that the exploitation process for root is stable, root part let me think out of the box the most part I get enjoyed in. Many thanks @MrR3boot .
Everyone is saying to understand the exploit to root but I have no background on that stuff. Reading the entire code or even the explanation gave me a headache. Can anyone pm me to help me understand it better?
Edit : rooted. Don’t be single-minded in root process. Once you confirm the exploit is working, there are too many ways to root. I felt so stupid when someone told me about it.
Thanks @Icyb3r@0PT1MUS@N7E for the hints
Thanks @MrR3boot for the box. Cool idea