Safe

Type your comment> @thegoatreich said:

Type your comment> @nospace said:

Encountering this kind of challenge for the first time and so I am not able to get a foothold. Would someone please recommend me some resources to get started with? Any specific IPPsec videos maybe?

Have a look at IPSec’s Bitterman video.

Does anyone have an idea how I can get hashcat to run in a VM environment when I can’t use GPU? I’ve tried all the results I’ve found online but I still can’t get it to work.

Hashcat is great with a GPU, but if you don’t think you’re going to have access to one soon, I would just use John.

It seems that I’ve got root password from the .k*** file but when i’m trying ssh to the box, it says that the password is incorrect.

Am I missing something here?
Does anyone else has the same issue?

Type your comment> @boris154 said:

It seems that I’ve got root password from the .k*** file but when i’m trying ssh to the box, it says that the password is incorrect.

Am I missing something here?
Does anyone else has the same issue?

Yes, you’ll have to find another way to switch user.

Who can I bug with a stupid question about the bittermann video? (first time buf, rop here…)

Anyone can give me hints on how to swotch user i have the root password and everything but can’t switch.

deleted

Guys,

it seems images are filled with some info. I used steghide and it prompts for password. It doesnt have anything with task (root hash already obtained) but just for my curiosity: did anyone cracked it? Is it some easter egg? Is it worth to be cracked or just a rabbit hole?

Deleted

Some advice to prevent people from wasting time: h***t doesn’t seem to work properly for some people when you have more than one hh.

If you think you have everything right but h*****t isn’t playing nice, try jt* instead.

Hey I got the root password from M********.K **x file I don’t know where to use that to login as root someone Ping me the hint

deleted

hheeeeeelp I got the exploit working locally, but remotely something is not in line… appreciate any help

@dr0ctag0n said:

I was excited to see another ‘easy’ box getting released and the first step is literally custom exploitation and reverse engineering XD

I’ve only been on this site for about a week. Managed to find the reference to high port, and have no idea how to get this sound-chamber to say what I want.
That’s what I get for picking the box everyone said was easy.

rooted safe is safe good box with custom exploitation

This box was definetly was a nice learning curve!!!

User:
Try and look at the fluff binary and how its solved… I cant put the name of the site where its found but PM me for a URL

Root:
Well just look around and u shall see

It’s a great box
I think this box costs more than 20 points, but it was a funny
Thank you

Type your comment> @hackWorld00 said:

I need a hint for user, i noticed a lot of people wrote their strings to memory and execute it from there, how(just adding the string potion)? , I can’t find any tutorials specifically for this, all I can find is the spawn a shell from libc, and they avoid adding the string to the memory route. thank you

Thinking about the same thing… have you found a good article about it?

Finally rooted it!

Decided to choose this machine second, to test my hacking pentesting skills on it.
In shorts… I made a bad choice…

Anyway there is few tips about moments, which confused me:

User
There’s exist bunch of BoF’ing methods depends on file protection and functions, which is available in binary. Use the most suitable one.

Root
Everything u have - everything u need. If u’re going right way things will happen quickly.

Also feel free to PM me here or in discord, if u need some tips about this machine

Deleted

It seems I have the right PW for root, however, I cant for the life of me figure out how to switch users. s**o doesnt exist and s* no workie! LOL Any assistance would be greatly appreciated!