@Tatik said:
I read but couldn’t find what I was looking for.
I found user.txt and got stuck in root
Ok, if you have the user, then you need to look hard and find the thing you need to make the other port useable.
Okay, my first ever try on pentesting and I really enjoyed it.
It was a tough one and here is what I think:
++ I was stuck at first point of finding t****r password but I found out that I was not using correct syxtax (Being from windows background), so first challenger was for me to learn the syntax and get used to linux command line
++ I was familiar with windows streams however I struggled to open them in linux so had to transfer them to windows box and then get info out of them.
++ compiling the VB code was easy enough for me as I had previous knowledge of VB for both user and root part.
massive thanks to @VbScrub and @TazWake for their pointers.
Off to the next box.
Type your comment> @VbScrub said:
This thread is like groundhog day :lol: come on guys, at least read the last few pages before asking the exact same question that’s been answered loads of times before. If you need more specific help, PM someone.
speaking of groundhogs day, i see that your next machine has been accepted any idea of what it is suppose to replace and when that’s going to be?
@Ad0n I don’t know what it will replace but I was told it will be released before the end of this month
Rooted,
I have mixed feelings about this machine. Too CTF-like for me. I liked the VB Part since I used that for some projects years ago. The rest, not so much.
Some methods are so old it should not be allowed to be used anymore, therefor this machine has little to none real-life vectors. This is more a puzzle box imho.
Luckily I had VS and a windows VM ready to go, I would advise to use that otherwise you will be installing tools for some time. I know you can do it in linux but it’s a pain.
for root: do the .exe last, spend so much time reversing the vb, it gives errors when you don’t have the right hash. The things you need from it only works when you have the hidden file used.
Hope I didn’t spoil to much.
Hi All,
could anyone help me on root access, I found the admin hash and exe file, what is the best software to analyse the file to modify the source code and decrypt the password.
Type your comment> @kan3k1 said:
Hey I am having issues on the last step.
I managed to get H* L* .exe, the empty file and H* _C* _B* .xml, but when trying to run it with mono:“Please ensure the optional database import module is installed”
I am using Linux probably that’s why I am having so much issues with running the exe
Did you ever get an answer on this?
Generally speaking, its easier to use a free copy of Visual Studio.
Type your comment> @VbScrub said:
This thread is like groundhog day :lol: come on guys, at least read the last few pages before asking the exact same question that’s been answered loads of times before. If you need more specific help, PM someone.
lol
rooted good box
Finally rooted!
This was tough to call. Very fun at times; extremely frustrating at others.
I don’t think this was an “easy” box, as many have said. Mostly because so many things were so well hidden. Which brings me to one major complaint…
The trick to get the password for the high port was a major pain. I’ve seen it before, but it’s not common. I would have never thought to try it if I hadn’t seen some hints in here (perhaps there was a hint on the box I just didn’t catch?). When I did try it, I couldn’t get it to work on Linux. Moved to a Windows VM, and still no luck. Reset the box; still nothing. Without giving away too much, I had to go to the file, not bring it too me. More reason why, even if I had considered the trick, I would have dismissed the idea quickly because it’s so rare and it flat-out was not working. It was frustrating to say the least.
Hints:
USER: Don’t overthink when you get new keys. Sometimes they just open your neighbor’s door. Also, if you can’t see something, but you’re told it’s there, maybe look harder 
ROOT: If you see something, and you’re told it’s not there, sometimes there are Alternate realities.
Finally, for the hashes, if you’re like me and don’t like too much crypto: make the the source work for you
Rooted!
In some cases is frustrating move forward.
User part was really a nice trip, one of the best.
Everything has been put with precision, definitely a well-made box, perhaps the easy difficulty is not appropriate.
Hints:
User: take a breath. Think easy. Enum enough to start. Read slowly.
When you found a way, look at what can you do. If you get stuck, you’re not too far from solution! Maybe a recursive search can make you see things more clearly.
Root: password it is literally written there. Well actually no. But it’s still there.
guyz… I got a password hash of c.smith and stucked here…someone help me pls…
Anyone able to give a pointer around the DMP*****.txt ? I have the files… but 0 bytes?
@AwkwardUnicorn said:
Anyone able to give a pointer around the DMP*****.txt ? I have the files… but 0 bytes?
Best pointer is to read through the previous posts here and see it is discussed several times with about as much hints as you can get without being given the answer.
@manasramesh said:
guyz… I got a password hash of c.smith and stucked here…someone help me pls…
You might want to scroll back a few questions.
Yup worked it out with more reading of man pages… got a high level hash now…
Not sure where to proceed next. Doesn’t look like it works the same way as the last has was decrypted…
@AwkwardUnicorn said:
Yup worked it out with more reading of man pages… got a high level hash now…
Not sure where to proceed next. Doesn’t look like it works the same way as the last has was decrypted…
It needs different settings.
Got it, finally. Had to download windows though…
This was crazy hard to get root.