ForwardSlash

I’ve been fuzzing for ages, could anyone pm me a nudge.

Hi all, I am stuck after finding credentials. I can’t find a way to RCE. I tried all obvious things. Could anyone push me in the right direction? I’ll show what I’ve tried. Thanks.

Hi everyone! I have user and am currently working on the crypto thing. I understand what it does and analyzed it quite a bit, but I don’t really see the weakness. Any nudge would be appreciated!

Can someone give me a nudge on the enumeration phase? Just found a **.txt with some notes inside, but it seems not so useful. Thanks

SSH Ch** is a rabbit hole? I couldn’t find anything helpful!!

Edit: found it, thanks @cyberafro .

Could do with a hint on the initial, got the note and have tried fuzzing endpoints, subs, used own cewl from both pages, tried hints in the name of the group as directories, changed hostname to back, tried various index ends, fuzzed with that… getting nowhere, CTF-like

Finally rooted! Thanks to the people that helped me (too many for me to list :s ), special thanks to @nyckelharpa though. Anyway, the hints on the forum are not that bad once you know the answer. But I’ll try to guide those still stuck

  • Foothold : as people have said you need to enumerate. What I’d like to add (please tell me if this is a spoiler) is that dirb, gobuster, ffuf, etc… all look for single words for a given list. But remember that a computer does not always use a single word to name stuff. How would the computer know what is what if you extended the meaning of the word?
    After that, you’ll need to read where you are.

  • User: Look who owns what and answer the questions: why, how, where. Once you’ve answered these questions, remember, user + passwd = stupid

  • Root: there are multiple paths as you might have read. The intended path is just a question of finding the key, for that you need to rock the gibberish. To know if you’re doing it well, imagine what the gibberish might say. Once this is done, the rest is super easy and doesn’t need any hints.

I hope I was cryptic enough so as not to spoil, but if I did, PM me and I’ll modify it.
And if you are still stuck PM me or, for a quicker response, discord :: guanicoe

Rooted, fun box!

Could someone PM me with a small nudge on foothold… I’ve tried gobuster / fuzzing lots of things and still can’t see anything!

And rooted, learned a lot!!! Especially to stop trying to be too smart ^^
I’ll try to add some hints for those who are stuck:
Foothold: Yes, enumerate a lot
User: The tricky part is to understand what it is doing, after that, should be very easy
Root: Oh boy how it was scary at first, second, and third glance. At the start, I tried to be smart and in the end, I went the other way

My key is different than those found on writeup (locked writeups of course, and if somebody cracked the code, please PM me with how you did it, you can ask for root.Txt or whatever, I am soooo curious)

I’m stuck with initial foothold. I’ve tried some of the hints mentioned before but I am unable to get any response other than index.
I am not able to find anything of interest, only the defaced site.

I don’t know how you all can do it, but the initial foothold is the hardest thing for me.

Any nudge please?

edit: thanks to @EvilT0r13 and @ReT .

Rooted !

Very nice box, particularly the user part :).

PM if needed

Finally rooted. Ended up bruting the c****o for the priv esc part.

Finally rooted! Thanks for the nudge @guanicoe and thanks to the creators for the fun box.

Hi all, I have been stuck for hours in the LFI part, at the moment I can access //**.php but I do not see how to continue from here. Please, if possible, could someone help me?

Thanks in advance and excuse my poor English.

Edit.

Rooted :)

Congrats to the creator. I would say it’s an insane box

Feel free to PM if you need help

I find it more fun and I learned more by breaking the cipher itself.

Really didn’t like the c****o part when I first saw it, but I was greatly surprised when I got working with it.

My tip for everyone who is intimidated by it is to try not to think too much about what and how it works, because that’s just a lot of magic. Rather just try to create your own stuff, and break that first. Just experiment with a lot of different stuff and you should at some point see something interesting.

Also sounds like there is an alternative way without the c****o, would love to hear from someone how they did that :)

Anyone who can assist me in understanding the crypto part? I tried with long/short keys, with a key like aaaaaa vs baaaaa and so on. I also tried to brute force by using a simple wordlist and searching for ASCII-only characters but no luck.