Dab

s4m3sh · November 21, 2018, 8:22am

@s4m3sh said:
I got a “valid pair” with brute forcing the login page with a tool. But it does not work with web login. Any idea?

got it working

kimbilirkim · November 21, 2018, 6:02pm

i got dab.

billbrasky · November 24, 2018, 2:54pm

@badman89 said:
can someone pm me i think im on the right track for privesc, swapped the thing for my own thing to be called by the thing but not working because of S**D??

Edit- rooted thanks snowscan learnt loads getting this flag

I’m in the same boat right now. I’m doing a lot of reading on this method of privesc and I can’t figure out what I’m missing to make the thing run the way I want it to. It runs, but not the way I want it to.

Edit - I got root. My advice to anyone stuck at this point is to keep your exploit as simple as possible.

eRaMvn · November 26, 2018, 7:29am

Got root on dab. I will be willing to help if someone needs a hint

s4m3sh · November 26, 2018, 3:50pm

Got root, it was a nice journey

bocabaca · November 27, 2018, 11:12pm

any one for user , i found the service running and can use some command, but i dont know what to do
EDIT: got it

Balzabu · November 29, 2018, 5:00pm

Got no idea on how to get user.txt; I’m stuck… I already got the dab.jpg file but anyway can’t find a way to go further… any hints?

kindred · November 30, 2018, 3:35am

Feel free to PM me if you’re struggling.

Samsara · November 30, 2018, 9:19am

Dance Dance Dance…

Have root on Dab…

Last part was difficult for me… And I’ll redo my track again, to clean up my notes… Nice machine @snowscan!

N13manT · November 30, 2018, 11:37am

Is there someone who can guide my train of thought?
I got user and found the needed file. I got the correct password and am looking at the result which is a mention of a placeholder…after that I’m a bit stuck.

— edit —

nvm…I found the solution.

Baikuya · December 1, 2018, 6:11pm

Rooted the box and it was quite a challage for me.
Thanks @CHUCHO very much for putting me in the direction !
If anyone needs help feel free to PM me.

gudj4qu3r · December 2, 2018, 9:58pm

Owned it! Nice box … I’ll happily help to anyone … Thanks @snowscan for this machine!

dualfade · December 3, 2018, 10:39pm

very cool machine. rooted. Got my ■■■ kicked for a bit there Until I figured out wtf was going on with a few binaries.

props @snowscan

mrothenbuecher · December 4, 2018, 10:12pm

Tried to force it to use my own l*****y. No success. Any hints?

pat · December 5, 2018, 10:56pm

rooted, my favorite box so far, thanks to @Baikuya for the final hint and props to @snowscan for making it

r518 · December 7, 2018, 9:49pm

I’m pretty stuck on this, have been for a while.

Would appreciate if someone could provide a hint to the socks/cookie part by PM.

WinXx · December 10, 2018, 8:42am

rooted !!!
thanks @CHUCHO for the hint on socks.
Thanks @snowscan for this machine!

CaptainBounty · December 10, 2018, 3:58pm

Completely stuck on the privesc part… Does it have something todo with loading the *.6 file into the memory from the volatile location pointed to by the “test” config? When I pass my own crafted *.6 file, it completely breaks down the box, so it needs to be rebooted afterwards Could someone PM with a hint, please…?

An0maly · December 10, 2018, 10:00pm

Can anyone give a nudge on the elusive cookie monster ?

ronak360 · December 13, 2018, 5:01pm

need help with cookie part some one PM me or at lease provide me a reference link