Official Sharp Discussion

Can someone DM me real quick for the last part for root? I cant get my edited *********.exe to run on the box.

Type your comment> @blackaugust said:

Can someone DM me real quick for the last part for root? I cant get my edited *********.exe to run on the box.

Well, I came back without changing anything and it runs. PM if you want any help/nudges

Also, if anyone knows of a windows equivalent of doing (tar cfz - ‘directory’ | nc) please let me know.

Rooted!

What a great machine - balanced, logical and enjoyable. I learned some sharp skills. Thanks @cube0x0

Foothold: Fastest way is to reverse what the program is doing.

User: Analyze what kind of functionality is used. It’s ooooold. Google-fu will bring you weapon. But you need to create ammo yourself. Yeah, it’s serious. Remember to keep your payload small because it could be truncated.

Root: It’s really that easy. No red herrings.

Hi, found user and pass for the R******g Service, compiled the exploit but seems not to be working, tried with custom command/payload. Can i run exploit via wine or do i need to run it from Windows?

Maybe someone is willing to help me a bit her

thx

Ok this was an amazing box :open_mouth: The user was such a rollercoaster. If you get user root is fairly easy. I did this box exclusively on a windows VM I don’t think you can get user just by using linux. Special thanks to @sparrow1 for his valuable nudges and sanity checks :smiley:

As far as I can see, I agree with @amra13579, I cant see how you can get user on Linux. I have a good idea of what I need to do and how, I just don’t have easy access to a Windows machine.

Might have to try with a free VM download from Microsoft :smile:

Ok - even with Windows I cant get this working :blush:

I’ve downloaded a VS exploit but it keeps breaking on compile and my knowledge of how to fix it is failing. I even downloaded a precompiled one, but that just errored out constantly.

This is a challenging box!

— edited —

Never mind, it was a dumbassed mistake on my behalf.

Finally rooted.

thx got it, after setting up a win vm it worked like a charm, root was kind a easy…

thx for the box!!

I’m also at the point Clie** Ser*** - but don’t get Clie** working. Found a long article from 2015 about the underlying stuff but need help from here I think, I mean maybe I get it lol but I’m impatient so I want a nudge really… DM please… I’ll share the article…

Can I check, has anyone actually done this via linux?

@phl3ee said:

Can I check, has anyone actually done this via linux?

I didn’t. It was nearly all done from windows for me.

Nice Clean Box. I did this box using commandoVM Windows 10.

fairly not hard.

Hints:
you have the source, Build using the most famous windows IDE, and the Box name is a Big hint for the Language, stick with it for user and root.

PM me for more hints. :slight_smile:

This box was just the push I needed to re-visit my windows image and get it more tooled up and fit for purpose! take snapshot!

Like others, I have to say, thanks for the journey @cube0x0 ! Thanks also for the nudges @TazWake

Finally got there after a lot of fumbling about!

This was an crazy journey for me :slight_smile:
Lots of fun and learned a lot and something I need to read up a lot more of.
I had to switch to an Windows image (used commando) which worked alright - but for some reason I had lots of issues navigating once I had a shell. Not sure if my commando image was playing up or that this box was designed to cause some pain…

Either way lots of fun and thank you @cube0x0

I would be curious to hear if anyone managed to do this purely on Linux?

I am unable to compile wcfCnt.exe on linux. If someone can please provide me the patched version of wcfCnt.exe to add my user to adm***ors grp, that will be awesome.

It’s pretty tough to do on linux.

If anybody has rooted this solely using Linux, can you please send me a PM, or message me on Discord @ Spectr3#1389.

It’s a great box, and root is along the same lines at user. But user is relatively tough to get. Make sure to enumerate well.

Finally done. This was an awesome machine that taught me quite some new old technologies.

If you get stuck with user, make sure to first try some simple payloads and monitor your traffic. Took me ages to realize that what I tried actually worked (despite some weird/random error messages) :smiley:

Respect to the people that rooted the entire box in couple of hours. It took me one hour to figure out how to decompile a binary. And another to figure out what to do with it. Like holy smokes, it’s insane how good are some people on this platform. And then there is me stuck in reverse engineering one binary for like 5 hours.

How some can root this machine in less than 2 hrs leaves me speechless.
Overall a very fun box, got a bit rusty on windows lately, so this was a great refresher.

My c# skills are pretty bad. Can someone one PM me some details on getting the R*S exploit to compile?