Olympus

0xklaue · August 6, 2018, 8:11pm

@sazouki said:

@pzylence said:
I know what I need to do, but somehow Crete’s door are closed and are not opening the way I try to. Anyone up for a quick discuss?

knock knock knock

I got what you’re saying, but its a different problem related to initial foothold after n1*7o PM’d you…

loln00b · August 6, 2018, 8:39pm

Can anyone PM me what to do with the .cap file. I have some idea’s but I dunno how to put them to the test.

hexiburner · August 7, 2018, 5:02pm

Took me a while, finally rooted, good learning curve. Nice box.

TheBull369 · August 9, 2018, 1:36am

Interesting box… I liked learning about some new techniques, not sure I enjoyed the guessing part, but I guess sometimes you need to do that even irl. Thanks for the box @OscarAkaElvis , had fun!

BingoBaer · August 10, 2018, 8:50am

Could someone please give me hint (DM) how to proceed with the DNS? I have cracked the pcap, maybe found something useful. But I’m stuck.

Dartkron · August 11, 2018, 3:52pm

Can someone please tell me or pm me regarding the step after cracking the pass in cap file?
i think i found something (maybe not) in the decrypted data and dunno how to use it .
tried to enum the dns but how can we “dig” if we have no domain name.
Thanks !

Dartkron · August 12, 2018, 10:59pm

Oh thanks for the tips guys finally got root !!
The guessing part just wasn’t mine hehe , and the pain i needed to overcome to get root with the privesc(do****) uhhh (anyone who thinks he got the easiest method to privesc please pm me)
thumbs to the creator and definitely gonna use the airgeddon !
Thanks

vrvik · August 13, 2018, 6:56am

this is one ■■■■ of a box, ■■■■ fun working on this one, i learnt a few nice things working on this box, priv esc is nothing compared to the initial work required to get user flag,
any help required feel free to hit me up on discord [ vrvik#7626 ]

masusekhan · August 13, 2018, 1:20pm

weird things my nikto scan showing up! every link shows encrypted output which i try other then the weblinks. Lost now, hints pls

mcruz · August 13, 2018, 7:28pm

Rooted PM if need help

123 · August 14, 2018, 12:14am

Just finished it.

In general have to say the machine was good, it had different things going on and the story in general was also pretty cool.

However, I still have mixed feelings about that “jump” you have to do in order to move on. I would suggest to the people who are struggling with that bit (you know when you’re there), to actually follow the story-line that is being told through the various machines. That, along with some basic enumeration (and some simple guessing, use what you have!), can point you in the right direction.

masusekhan · August 14, 2018, 12:53am

i found a repository! is it where the game starts?

PrJ7g1d · August 16, 2018, 8:14pm

I think this is my favorite box so far. The Olympia part had me frustrated for quite a while, but it was worth it. Nice one @OscarAkaElvis

DarkNight7 · August 17, 2018, 9:25pm

Hey guys, I found a specific header that gave me a possible hint on where to go. (As said before in the thread, a dev-like tool). There’s an exploit module on MSF but after sending the requests, the server answers with a RST package. I was trying to abuse this manually, but I’m having a nightmare installing the needed tools and whatnot, so much that I am no longer sure if it is just a rabbit hole. If this is the right way to go, may I ask a little help with the set up of the environment and everything, and if it’s not, any hints would be appreciated.

MADE · August 18, 2018, 12:40pm

I didn’t read through this thread, so I’m not sure what was said here. The box isn’t hard in-regards to enumeration. Everything is almost always in front of you (i.e. where you land, you can obtain the clues/creds to move forward). The tickiest part for me was understanding where the .cap came in because (although I discovered/cracked it very quickly) I didn’t think to use it’s information in that manner. Everything was straight forward. Ending was super easy.

I’m open to give hints to folks that need help. Please PM me, if so.

elio · August 18, 2018, 5:36pm

I’m really enjoying this machine

EDIT: got root. Really nice box, privesc was interesting but not anywhere near as much as user. You can PM if you need any hint.

slack3r · August 20, 2018, 9:43am

Finally got root, got to say great box, learned a lot about docker. Great job @OscarAkaElvis .

0xklaue · August 20, 2018, 10:24am

I’m somehow not sure why I am not able to get a shell using the msf/py exploits available. Reached out to many of them, checked in wireshark as well. Everything seems fine, but somehow, something gets fucked up and I get an RST from 10.10.10.83, which is very weird.

hhhheioioio · August 22, 2018, 4:19pm

Rooted!! This was a wild ride. I appreciate the help from everyone. If you need hints PM me

DarkNight7 · August 23, 2018, 7:09am

Ok, I have a shell to this box, I cracked what could be cracked, but I don’t seem where to go from there. I know that I am on a limited environment, but I’m not sure if I should escape it, abuse it, priv escalate from there and I’m running out of ideas. Any hint?