Official Sandworm Discussion

gpg -k
gpg --sign --armor --local-user 0x<keyID>


gpg -k
gpg --delete-secret-keys <keyID> 
gpg --delete-key <keyID>

Got root. Thanks to some of the helpfull hints I found on here. I’m on to the next box. If anyone needs some pointers let me know. Here is some info:

User: Keep enumerating the web app. This vuln relies on the output being returned to the user so enumerate all possible inputs on web app and focus on the one that returns info based on your input.

Root: Look at cron jobs. Break outta jail and enumerate.

Finding the correct reverse-shell is one of the biggest problem for me lol. Solid box!!

Im stucked cathing the root flag, i modified the but i have no response in the listener, idk what im doing wrong, i search for any writeups or idk to resolve it, but i didt find anything, if someone want help me, i appreciate it, i try for 3 days and didnt work for me … :frowning:

I cannot verify a signature with a public key and signed text created by me, but I can with the public key and signed message provided by the website, the same thing with you boys ??

Hey, im atriox2510, this is my new nickname. the new link for the repository with the PGP python suite is:

Hey can someone help me get root access. I am stuck with horizontal privilege escalation.

Hello everyone, can someone help me with ssh


used to connect to atlast i am stuck on this part. cant get ssh connection to atlast

nah man u tripping lol

I could run commands through Popen, but still couldn’t find a working reverse shell payload. Maybe I’ll take a break for now…

Finally rooted. Fun box, learned a lot. If you need help you can send me a dm with what you are having trouble with.

Very nice machine! Many thanks for the author!

Open to share my exp from Sandworm!

I created an interactive-shell-ish program to handle the privacy thing and man oh man it was worth it.

I have the user flag but finding it very difficult to break out of jail. is this step intuitive to most people?

The path of the righteous man is beset on all sides by the inequities of the selfish and the tyranny of evil men.

Blessed is he who, in the name of charity and good will, shepherds the weak through the valley of the darkness, for he is truly his brother’s keeper and the finder of lost children.

And I will strike down upon thee with great vengeance and furious anger those who attempt to poison and destroy My brothers.

And you will know I am the Lord when I lay My vengeance upon you.

  • Ezekiel
1 Like

The Verify Signature option doesn’t even freaking work on this box, can’t get foothold cause everytime the verify signature button doesn’t do a ■■■■ thing… Someone broke this box

Im actually stuck in the same area of this machine. I worked at it and now been taking a break to let my mind reset from it. I could be wrong here but its looking like we may need to be operating from 2 different ssh connections on the same machine… Does that make sense? So im thinking we may have to actually do a lot of the leg-work from one of the compromised accounts and then actually bust up out of the jail from the other compromised account.

currently stuck on this one, I have the user flag but i’m having a hard time with priv escalation

I took a break from this one, as I had the foothold but signature won’t verify once I have the correct format.

I’m onto root. For foothold try to use keep simple and avoid bad chars.

I think I now what to do to get root. I also have creds to access the admin portal of ssa but it’s pointless right?

Edit: rooted it was a bit confusing to get back to user1 after switching to user 1. Final PE was pretty straightfoward.
Nice box