Official Unobtainium Discussion

Really fun box which taught me a lot, thanks @felamos.
Thanks also @sicario1337 for keeping me on track.

PM if you need a nudge.

I got root after a long journey.
Mega thanks to following friends:
@xtk and @mcdave2k1

They helped me to solve the very hard box.

FInally rooted one of the most challenging box so far.
User is quite straightforward, everything is in front of your unobtainium app :smile:
For root, you have to be familiar with containers, so thanks to tahaa and dionysus for bringing me to the right road.

I’ve just started on this box, having fun already :slight_smile: Did anyone else notice that the favicon resembles the one used by the Dutch newspaper “de Volkskrant”, or is it just me? (http://www.vk.nl)

This was really well done for sure! Lots of fun.

Type your comment> @CounterSu said:

I’ve just started on this box, having fun already :slight_smile: Did anyone else notice that the favicon resembles the one used by the Dutch newspaper “de Volkskrant”, or is it just me? (http://www.vk.nl)

Got user! Took me a long time since there was a lot of new stuff to learn; the box employs some techniques I didn’t know - but do know now. Great experience so far!

Great box, the foothold especially was really cool. The different tools I used and ideas I had to follow through were very exciting and just that was already a lot because I learnt quite a lot of new stuff.
The root part had me very confused and I really wasn’t sure what I was doing until the end. Even after that, I plan on doing that box a few more times to carefully take notes along the way because I still feel like in the middle of the smog.
Overall, really cool box, and I really loved the foothold :slight_smile: Thanks @felamos

Very very interesting box, good job to @felamos for something different. The foothold was quite convoluted for me, as I am not familiar with the language, but the root part instead was fairly smooth and quick, but very real-word like!

Finally rooted this box!

Thanks @felamos, I had a great learning experience both with user and root. The great thing about this box is that it forced me to research new techniques and methods - and exploiting them. What a ride.
Respect towards @sudneo. Could NOT have done it without his help and advice!!

Some hints:
User: Everything you need is in the app. There is more than one way to reverse and use it.
Root: Once you figure out how the container is managed, follow the yellow brick road. Enumerate and research. This quite a new path so resources might be limited. Be persistent!

Finally root, this took me a lot of effort I’m sure who is familiar with technology involved can solve the box with less trouble than I had.

Foothold/User: analyze carefully what you have and extract useful informations. At some point with enumeration you should be able to find the right path, try not to pollute with too much enumeration.

Root: once you’re in classical enumeration will make you understand that something is behind the scene. Here I had to do a lot of study and google-fu. You need to create something malicious (using same approach as foothold) that could allow you to reach the goal.
I managed to retrieve the flag and a shell, but it was really unstable I don’t know if anybody experienced the same situation.

Thanks for the box!

Dm me if you want any nudge

Type your comment> @alemusix said:

Finally root, this took me a lot of effort I’m sure who is familiar with technology involved can solve the box with less trouble than I had.

Foothold/User: analyze carefully what you have and extract useful informations. At some point with enumeration you should be able to find the right path, try not to pollute with too much enumeration.

Root: once you’re in classical enumeration will make you understand that something is behind the scene. Here I had to do a lot of study and google-fu. You need to create something malicious (using same approach as foothold) that could allow you to reach the goal.
I managed to retrieve the flag and a shell, but it was really unstable I don’t know if anybody experienced the same situation.

Thanks for the box!

it is not unstable, is HTB that thinks that everything is a “race condition” and cleans everything shortly

Is anyone available for a quick sanity check on the foothold?

can anyone help me with the root part… I have got the p*** and p*** description

Finally rooted, after about a week of poking, reading, and experimenting. I’d say this machine left me with the most open browser tabs for “OK, gotta go google THIS now” of any I’ve done so far. Like someone else earlier in this thread, I may go back and re-do this machine, just to take better notes of the steps involved.

Thank you @felamos for a very fun and educational machine, I thoroughly enjoyed it.

Anyone available for a nudge?

Loved this box! I haven’t really touched most of the technologies used in this challenge before, but that made it all the more fun.

Anyone available to sanity check what I am doing.

Edit: Got it.

Still working on foothold. I found the service that requires authentication, but I have no idea how to obtain the required t***n (already tried using other authentication methods with the creds I already have from the other thing, but they aren’t accepted, here). Anyone willing to spare a hint on where to look to obtain that t***n? EDIT: I can see that the first application (the one with creds) has some other flaw, but I’m not getting any pingback from the server, with this, so it’s probably a rabbit hole. EDIT2: Got a bit further. Let’s see what I can make out of this :smiley:

Working on root, I’m pretty sure I know what to do. I created a “thing” and have credentials for the service, but all attempts to POST/PUT/PATCH something on that service, always results in a 403. I can provide more detail in a PM, if anyone were willing to spare a hint on where I’m going wrong :wink: