Oz

I’m stuck getting user. I can read files (at least 2 interesting ones found) and am able to log into a web app after cracking hashes. After reading about several auth mechanisms and trying several other things I’m out of ideas. I guess I overlooked something.

It would be great if one of you could give me a hint on how to continue. PMs are welcome. This post is a bit vague because I don’t want to spoil.

Does everyone find this box too easy to need to ask questions on or too hard to try :smile:

Many thanks to @incidrthreat and @Mumbai for this cool machine. I found the user part pretty hard but also useful for sharpening my fuzzing skills. And I learned at least one (bit crazy) new technique.

Getting root was also cool, but more straightforward in my opinion. For me it was necessary to reset the machine on two occasions in order to be able to continue (read above for problems with read-only access).

If you need help, you can PM me.
Happy hacking.

This box kills me…

rooted! damn this box for me was way harder than smasher… smasher was more logical, but has a bad rap because not many people know C/ASM/GDB but I happen to be familiar since I’m a unix admin for a long time, but this box on the other hand… O_o

I want someone’s help for this one… A bit new here…
Can someone plz pm me… :frowning:

Is anyone around who would be willing to answer a question I have? I promise it will be quick.

Is this box related in any way to GitHub - outmoded/oz: Web Authorization Protocol?

Holy COW… What a ride… This box must have been a real treat to make.
I loved the detail.
Props to @incidrthreat and @Mumbai for making this. It was a real treat, learned a lot.

@evandrix Nah, whatever that is forget it. Once you buckle down and figure out the various paths, the box is as-advertised. Be prepared to actually read about and learn how a few things work. When you run into them you’ll know what I’m talking about. There are basically no shortcuts. If you’re stuck, invest some time in learning about how the thing you’re stuck on actually works in practice, not just in the context of a CTF.

I think the reason why there isn’t a lot of discussion about Oz is because there aren’t really any troll moves or tricks. You either know how ‘xyz’ works, or you don’t get user, let alone root.

Folks with development experience will have an easier time. Those with DevOps experience will have an even easier time.

Thanks guys, the box was really fun to build. @mumbai and I had a blast putting it together. We like being praised for our torturing techniques. xD

@rejoinder - You hit the nail right on the head. The various ways to get access to each app, to get user, and to get root were very intentional. Research is key and Oz will make you work for it. Even if you already know a tool or are familiar with a few methods, users are gonna have to buckle down and learn some new things about those tools and methods. Dust off those googlator skills folks.

I try to enumerate the web app and at least for one specific URL I receive what looks like a JSON reply. I can also raise a 500 on that request but not sure how to continue. Any good reads on this topic?

I am getting too many ciphers at different locations!!! But I am unable to detect what algorithm is used on those ciphers?? Am I on the right path??? PM me for a hint!!! Thanks in advance!!!

I have the port knocking sequence but then I’m still not able to SSH in. Can anyone help me with this?
Edit: Never mind.

If someone has nudges to give… I’d be willing to take them :cold_sweat:

EDIT: No nudges needed anymore.

@jkr said:
If someone has nudges to give… I’d be willing to take them :cold_sweat:

ditto

Puhh if anyone can give me a nudge that would be great.
I can’t find a way to open the front door.

Hi everyone. I have limited file access (fetched a couple), logged in also, but unable to find any RCE, any hint? (PM).

edit: still no clue

@Warlord711 said:
I try to enumerate the web app and at least for one specific URL I receive what looks like a JSON reply. I can also raise a 500 on that request but not sure how to continue. Any good reads on this topic?

If you see abnormal behavior (and an error 500 is abnormal) pay attention to how it was caused. Try to reproduce it and ask yourself what it could mean.

I’ve got the key but can’t figure out the knock to the front door. Any nudges would be appreciated.