Official Late Discussion

Eucrates · April 26, 2022, 7:44pm

It did take a while. Finally got it, thanks!

M3rlin · April 26, 2022, 7:58pm

Hi Erebus. Have a look at the web challenge ‘Templated’

SVARTBERG · April 26, 2022, 9:01pm

Having trouble with foothold although I know what I need to do.

Am I supposed to upload different images multiple times? Because I have to figure out the indices of the s__classes? Or is there an easier way? I’ve never exploited S__I before.

Wacha · April 26, 2022, 10:11pm

Just got user after a lot of trial and error, couldn’t get a shell but I got the flag… I’ll take it!

Furtif · April 26, 2022, 11:24pm

Thank you @M3rlin !

HANGMAN666999 · April 27, 2022, 12:15am

broda still trying
i too solved templated in challenge box

cybergonk · April 27, 2022, 12:31am

I’ve been stuck for some hours. I’m at the site and have gathered how to attempt to try running commands. Running them as the f*** name runs, but running them in the im*** doesn’t work because the environment is sanitized or something? I tried using container tags to cancel it and just run the code but that didn’t work either. I’d greatly appreciate anyone who could pm me or just point me in the right direction.

ruderabbit · April 27, 2022, 4:29am

The RCE is a little bit annoying, it took me over an hour to make the RCE work.
A good tip here: submit your command WITHOUT the {{, so you can “test” and see if the OCR is interpreting your font properly. Only after having the string being properly parsed, then add the {{ and try to execute.

M3rlin · April 27, 2022, 5:43am

You’re welcome

hierax · April 27, 2022, 9:25am

Courier 36pt works like a charm

Offancy · April 27, 2022, 12:51pm

Can i get any hints on how to escalate? Has it something to do with the awsomely given path?

HANGMAN666999 · April 27, 2022, 2:28pm

ok now i think im grasping what it is actually doing somehow manage to print simple text like 7*3

bobthebadger · April 27, 2022, 5:07pm

Can I ask, what app did you use?
Gimp the Box doesn’t seem to want to work.

KDirectorate · April 27, 2022, 7:01pm

Rooted! That was fun.

I can’t really think of a hint that doesn’t rehash what is already here. Anything I’d say would be giving too much away I think.

If you need a nudge though, feel free to dm me.

BPr0 · April 27, 2022, 7:34pm

I used gimp → monospace 36pt
works like a charm

x3nx · April 27, 2022, 9:10pm

Finally Rooted

The first part of the machine was clear. It is easy to “find” the vulnerability, but it is disgusting the number of tries I made.
Root is “easy”, you only have to make a good enumeration process to know what is going on.

cmoon · April 27, 2022, 9:20pm

Rooted! Can’t really offer too much more than others already have. @ruderabbit’s hint was super helpful.
Shoutout to @lvruibr for the sanity check on foothold.
As always, feel free to reach out for help but let me know what you’ve tried!

salt · April 27, 2022, 10:10pm

2 ways to root, intended and unintended.

hiephv2410 · April 28, 2022, 10:41am

i’m stuck upload page, i need help

4n07h3rm3 · April 28, 2022, 2:00pm

this is stupid – or I am… didn’t find a stable way to deal with __or`´’ – at least now I know the sum of 7times7 (:{)

Topic		Replies	Views
Official Resource Discussion Machines	153	4555	November 23, 2024
Official OnlyForYou Discussion Machines	186	12443	September 7, 2023
Official Bagel Discussion Machines	37	4938	May 14, 2023
Official Secret Discussion Machines	147	11304	March 24, 2022
Official Proper Discussion Machines	31	4343	August 19, 2021

Official Late Discussion

Related topics