Dab

Maori · January 22, 2019, 5:38am

@hansraj47 said:
Am i supposed to brute force directories or am i missing something? The other website shows a cookie not set error. Any hints to get past this?

Nope, no need to brute force directories. The error is showing because you need to find the right value for one of the parameters there.

hansraj47 · January 23, 2019, 5:03am

cant understand a thing guys, i have tried intercepting the request and playing around this some http headers to get a cookie, but nothing. Been at it for a while now and would like some help with this now.

RyanW18 · January 23, 2019, 2:14pm

Any hints on initial foothold? d**.jpg seems to be a rabbit hole. 8*** seems to require a cookie?

hansraj47 · January 24, 2019, 4:15am

I have the credentials to the site and can login using a slightly different username, captured the thing and decoded it partially, still cant understand how to get past the cookie not set error.

hansraj47 · January 24, 2019, 4:39am

Just added the encoded string to a cookie but still gives the same cookie not set error.

RyanW18 · January 24, 2019, 11:52am

Managed to get the cookie part. And am now struggling to get my socks on right… Any hints on where to go from here? Still havn’t got credentials yet for the main page

GreysMatter · January 24, 2019, 12:00pm

I have found that the “socks” part is very sensitive to the application you’re using. I spent an age using a well known program, only to discover that I was doing everything right, but the app was not producing the result i wanted.

RyanW18 · January 24, 2019, 3:00pm

is the me******d service/port a rabbit hole?

RyanW18 · January 24, 2019, 4:15pm

Okay so I’ve found wendells password as previously hinted on this thread…

RyanW18 · January 24, 2019, 4:26pm

Got user, really interesting and challenging machine Onto root

GreysMatter · January 24, 2019, 9:08pm

Rooted … interesting box. Nice priv esc.

RyanW18 · January 24, 2019, 11:02pm

Looking into creating my own lib******* for the my**** binary but it still seems to just keep prompting me for a pass and then failing… Any idea?

RyanW18 · January 25, 2019, 11:52am

Most annoying this is knowing what to do but don’t know how to use the tools to do it…

RyanW18 · January 25, 2019, 1:07pm

Got now idea on how to get the pass for the m***** binary. Tried debugging/decompiling etc and Its just so confusing

EDIT:

rooted. Thanks to @GreysMatter and @YanTayga gave me a lot of hints along the way. Struggled hugely with the RE On the binary, still don’t really understand it. I realised that I had 80% of the password from my first initial RE on the binary and could of got the rest by BF but just didn’t think of it.

robertwhite98 · January 25, 2019, 3:26pm

Rooted - Understand the priv esc but struggled hugely with the RE of m*****, anyone available for a PM to discuss?

nullbytes007 · January 25, 2019, 9:39pm

someone please PM me, I’ve s******t and can’t figure out what command to send

hansraj47 · January 26, 2019, 5:17am

stuck on the socks page, dont know what to do now. Been at it for a while now.

hansraj47 · January 26, 2019, 5:32am

Seems like the page is loading a different list from a different source. Dont know how i could use that.

hansraj47 · January 26, 2019, 1:17pm

i am still having a hard time understand how to proceed with the socket page. A little hint will be appreciated.

hansraj47 · January 28, 2019, 2:13pm

found the specifiic port to enter in the socket test page, its not showing anything other than the version, certain stats and ERROR. Dont understand how to proceed. Did all the reasearch i could do, please help.

Topic		Replies	Views
Hint for Waldo Machines waldo	537	86294	December 16, 2018
Official Breadcrumbs Discussion Machines	107	11294	July 4, 2021
NIbbles Machines	552	76626	September 30, 2024
Nibbles , Where to start...? Machines noob , nibbles , starter	6	1000	March 13, 2018
Mango Machines	683	108370	April 17, 2020

Dab

Related topics