Kryptos

v01t4ic · July 4, 2019, 6:18pm

edit: nvm

zxctypo · July 7, 2019, 3:57am

finally got root. This has been my fav machine so far, so much fun

windsurfer · July 8, 2019, 2:50pm

Will a standard wordlist work on cracking a file i found by using a python cracker i also found?

notKakarot · July 17, 2019, 9:12pm

Can really use someone’s help on getting a shell on this box. I feel like I’ve tried everything. If I can dm somebody, that’d be great.
Also, dm me if you need help with bypassing the login page.

Leonishan · July 24, 2019, 9:26am

Wow, what a ride very very nice machine, learned a lot. Thanks @no0ne and @Adamm for the work here.

User : All you need is in the login portal. If there is some parameter that is working strange, investigate what is that field and the response given. After that there are interesting tools that would give you some extra information. The process until getting user is long but it deserves. Thanks a lot to @NPCMaster and @farbs for helping here.
Root: This is a tricky part, I had the solution but lost a lot of time because it worked sometimes. Now I understand why

halfluke · July 25, 2019, 10:19pm

Never been stuck for the very initial step for so long on a machine… and despite the errors I can google, no idea how to bypass the login.
I know this machine is prolly beyond my current level, but so many people say it’s awesome that I am (was) keen to give it a go anyway…

kmahyyg · July 26, 2019, 7:32am

still stucking at last step, both signature and builtin miss are huge questions here…

any help plz pm me, thx

halfluke · July 26, 2019, 9:11pm

logged in… the greatest and most mindbending thing I’ve seen so far, .

b4nna · July 29, 2019, 7:59am

how to decrypt c****.*** ??

edit : rooted

d00msl4y3r · August 2, 2019, 4:15pm

any help? I stuck

b4nna · August 2, 2019, 5:53pm

Type your comment> @th3d00msl4y3r said:

any help? I stuck

pm

v01t4ic · August 3, 2019, 8:43pm

Got user…
Have learned so many new things. Shed some blood and tears =)

Huuuge thanks to @moxic @Leonishan @Tdzone

s1r1u5 · August 5, 2019, 5:15am

Can anyone help me the login bypass, I know whats happening behind, but my payloads not working.

66727265677582 · August 5, 2019, 5:40am

Spoiler Removed

Pilot51 · August 5, 2019, 6:43pm

Can someone give me pointers on what to read about with regards to the initial login? I can trigger an error and have read about the API, but I’m not sure how that can be exploited.

v01t4ic · August 10, 2019, 3:16pm

started root part: not really random…
edit: yeah, not at all…

edit: rooted, had to dive deep into python

Beautiful box! I’ve learned so many things here. Really satisfied that I could do at least eval() part without nudges =)

Thanks @no0ne & @Adamm, this was the most interesting journey so far!

scottglossop · August 11, 2019, 3:30am

Can anyone help the login? thx

jimmypw · August 12, 2019, 7:41pm

That was superb. I learned so much from this box and while I have always known about a lot of the vulnerabilites I have never made the effort to test them out, until now.

If you need a pointer shoot me a PM

Pilot51 · August 19, 2019, 6:05pm

Got user, that was fun. PM for hints. Onto root

Pilot51 · August 21, 2019, 2:44am

root! what a ride