Jerry

smjogi · July 2, 2018, 6:26pm

I use vip. There aren’t that problems.

izzie · July 2, 2018, 6:30pm

Just pwned Jerry before nmap had finished The mouse was meant to be the smart one.

xtech · July 2, 2018, 6:34pm

@smjogi said:
I use vip. There aren’t that problems.

yeah thats what i mean. these machines are made like this so we buy VIP services

xtech · July 2, 2018, 6:45pm

just rooted. this machine should be rooted in < 10 min. however it took me 2 hours because either someone is changing the passwords. or its designed so that the password keeps changing on free services. GG!!

nodurhead · July 2, 2018, 7:10pm

Horrible. In in like 10 min and cant open the flag. I’ll have to come back to it when it settles down.

Tr4k · July 2, 2018, 7:28pm

In this box you must be quick as Jerry !
this box on vpn free was a mad house.

melka · July 2, 2018, 8:17pm

Just saw 10 resets being requested in ~15 minutes…

J3rryBl4nks · July 2, 2018, 8:25pm

To everyone voting this machine as lame: I have seen a LOT of websites similar to this in “production” environments. This is an easy CTF but represents a decent segment of real world websites.

game0ver · July 2, 2018, 11:13pm

@J3rryBl4nks said:
To everyone voting this machine as lame: I have seen a LOT of websites similar to this in “production” environments. This is an easy CTF but represents a decent segment of real world websites.

I don’t think that the machine is voted as lame because it’s an easy machine. I suppose that happens because it’s very unstable and the password changes very often. Also with so many resets it’s very difficult for someone that already has access to even get the flags.

n0bf · July 3, 2018, 1:38am

So I found the username and password for the web interface but I can’t figure out how to get a shell from this. The exploits complete but no session is created. I know there might be a way to cause a netcat session to open by manipulating the management interface but I’m lost for how to get this done.

royc3r · July 3, 2018, 2:25am

I’ve tried every default password I could find along with every combination of t&j i could think of. Not sure if i am way off or if i’m not trying hard enough. frustrating none the less

Jomar · July 3, 2018, 7:07am

Pm if you need @n0bf & @royc3r

0x23b · July 3, 2018, 7:33am

Rooted!

PM if hints are needed

SpZ · July 3, 2018, 8:02am

Rooted this box.

if anyone need any hint without spoiler, just feel free PM me.

I like this box, thank you!

melka · July 3, 2018, 8:50am

@game0ver said:

@J3rryBl4nks said:
To everyone voting this machine as lame: I have seen a LOT of websites similar to this in “production” environments. This is an easy CTF but represents a decent segment of real world websites.

I don’t think that the machine is voted as lame because it’s an easy machine. I suppose that happens because it’s very unstable and the password changes very often. Also with so many resets it’s very difficult for someone that already has access to even get the flags.

Yeah, out of frustration, I voted down, but it’s not really the fault of the machine or the machine creator, mostly because it’s a pain to work on it… Maybe a mechanism to stop people from changing the credentials would help. It was the same problem on nibbles.

ninjat · July 3, 2018, 10:49am

This is a really easy machine, the only hard bit is dealing with all the resets and people changing the password -_- I recommend using Burp or Zap to intercept the traffic, see whats going on, what you can change. Makes it way easier to test creds as well

TheBull369 · July 3, 2018, 12:21pm

@xtech said:
just rooted. this machine should be rooted in < 10 min. however it took me 2 hours because either someone is changing the passwords. or its designed so that the password keeps changing on free services. GG!!

I dont think this is a Free vs VIP issue as I use the VIP machines and I had some of the same login issues.

TheBull369 · July 3, 2018, 12:23pm

@royc3r said:
I’ve tried every default password I could find along with every combination of t&j i could think of. Not sure if i am way off or if i’m not trying hard enough. frustrating none the less

Enumerate some more. I know we hate to see someone respond with that but enumeration is the key to this one. Read everything carefully as you may be skipping over it.

game0ver · July 3, 2018, 12:27pm

@melka of course it’s not the fault of the machine or the machine creator, it’s just because the machine is pretty easy to root.

Also I agree that machines like this would be a good idea to have a mechanism, maybe an automated script to prevent the credentials from changing, restart services when not responding etc…

GingerHackz · July 4, 2018, 12:12am

Just a lil tip - when you do find the flags - if youre unable to cat them properly (no output , shell crashes etc) copy the file to a new file that doesn’t have the long spaced out name - legit i spent almost all of my time on this box dealing with crashing shells and ■■■■ due to this.