Official Keeper Discussion

FireofGods · August 12, 2023, 11:18pm

Rooted.
This wasn’t hard, it was just very annoying, especially root.
Maybe it wouldn’t have been so annoying if scp didn’t fail me and only copied half of the needed file ;_;

d3lvx · August 13, 2023, 2:44am

If you’re looking for the initial foothold, explore. You will find it, click and examine everything.

gkatarina · August 13, 2023, 2:51am

I think i do find the foothold but can’t get how to use it, can i DM someone ?

nanase · August 13, 2023, 2:55am

I think I’m having the same problem as you, knowing the vulnerability but not knowing how to exploit it

ellj · August 13, 2023, 3:58am

If I am looking at a dessert am I on the right path?

d3lvx · August 13, 2023, 4:10am

can someone help a brother out and let me know how they wrote out their hashcat mask to crack the partial password please? My head can only pound on the desk so long.

cyleigh · August 13, 2023, 4:39am

I’d love to know how to work out a partial. Do I need a Windows VM for katz? pypykatz is not working

IXNovaticula · August 13, 2023, 5:43am

Stuck on root for hours. A nudge to find a good way to read a certain file would be helpful. Thanks in advance.

ricktor321 · August 13, 2023, 6:34am

can i get a hint about the root

payload0911 · August 13, 2023, 6:59am

Where place inside the dashvboard allow you to get reverse shell or server access?

chiefnightwolf · August 13, 2023, 7:08am

pwned, super straightforward just keep things simple.

whitecapshroom · August 13, 2023, 7:22am

Easy login

whitecapshroom · August 13, 2023, 7:31am

FFS, use copy and paste an hour wasted on a typo.

Uncleseven · August 13, 2023, 8:24am

How much time did you spend cracking Keepass?

ctfl · August 13, 2023, 9:20am

no need to crack

IXNovaticula · August 13, 2023, 9:25am

Not everything needs to be an exploit : )

0x99samurai · August 13, 2023, 9:26am

A bit late to the party, I presume!
Nice box. I had to use both my window system and linux virtual machine to get the job done for the final part to get root.
Pretty simple. Easy yes. Simple too.

Hint:

For User: Make sure you keep things simple and enumerate the page and try different things with it.
For Root: Try to utilise a windows system alongside, it will make thing much much simpler. Although after achieving User, it is mostly googling, reading and doing!

Goodluck!

0x99samurai · August 13, 2023, 9:27am

If you are talking about brute-forcing it, I would advise you to keep it running while you further enumerate the files present to you!

ctfl · August 13, 2023, 9:34am

If you have user, then you find a zip.
Google for a recent blog.
Google for a dessert name.
Figure the next steps out.

xtromera · August 13, 2023, 10:04am

Need some help for the initial foothold
digged too far cannot see any vuln though :((