|
SecurityMonkey
|
 |
« Reply #90 on: September 04, 2012, 08:52:35 PM » |
|
Nice one! See told you not to give up :-)
|
|
|
|
|
Logged
|
|
|
|
|
sternone
|
|
« Reply #91 on: September 04, 2012, 09:26:03 PM » |
|
LOL!!!!!!!! Just rooted another one !!!
SERVER COUNT : 15 !!!!!!
|
|
|
|
|
Logged
|
Try harder....hmpf!!
|
|
|
|
jjwinter
|
|
« Reply #92 on: September 04, 2012, 09:27:36 PM » |
|
Yar! Keep good notes. Make sure they says things other than "F-u #%@%!@ Server 14!"
|
|
|
|
|
Logged
|
|
|
|
|
SecurityMonkey
|
|
« Reply #93 on: September 04, 2012, 09:36:43 PM » |
|
Dude your on FIRE!!!
|
|
|
|
|
Logged
|
|
|
|
|
sternone
|
|
« Reply #94 on: September 04, 2012, 09:40:15 PM » |
|
I can't anymore.. I really need sleep now ! haha Strange, sometimes a buffer overflow that worked before is not working anymore. I had it before, i reverted twice and then it worked again. Some exploits say in the code: this works only for 70% ...  |
|
|
|
|
Logged
|
Try harder....hmpf!!
|
|
|
|
SecurityMonkey
|
|
« Reply #95 on: September 04, 2012, 09:41:41 PM » |
|
I can't anymore.. I really need sleep now ! haha Strange, sometimes a buffer overflow that worked before is not working anymore. I had it before, i reverted twice and then it worked again. Some exploits say in the code: this works only for 70% ... I guess it all has to do with memory locations.... and finding the right one! Go to bed.... |
|
|
|
|
Logged
|
|
|
|
|
shadowzero
|
|
« Reply #96 on: September 04, 2012, 09:57:19 PM » |
|
I can't anymore.. I really need sleep now ! haha Strange, sometimes a buffer overflow that worked before is not working anymore. I had it before, i reverted twice and then it worked again. Some exploits say in the code: this works only for 70% ... Some exploits may take a couple of tries before it kicks in. |
|
|
|
|
Logged
|
|
|
|
|
sternone
|
|
« Reply #97 on: September 05, 2012, 04:53:23 PM » |
|
Rooted another one !!!!!
Maybe it is THE most important one.. because... THAT's what we wanna see right baby ??
SERVER COUNT : 16 !!
|
|
|
|
|
Logged
|
Try harder....hmpf!!
|
|
|
|
hayabusa
|
|
« Reply #98 on: September 05, 2012, 07:53:29 PM » |
|
<grin> Looks 'slightly' interesting.  |
|
|
|
|
Logged
|
~ hayabusa ~
"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'
OSCE, OSCP , GPEN, C|EH |
|
|
|
sternone
|
|
« Reply #99 on: September 06, 2012, 12:34:00 PM » |
|
Routed another one.
One confession: This one box took me literally the whole day. That wasn't an easy one. Like a whole day.
Glad I rooted it.
I'm going to get into the tunneling stuff soon and might stop hacking the student network.
I can always come back and do the other servers anyway.
SERVER COUNT 17
|
|
|
|
|
Logged
|
Try harder....hmpf!!
|
|
|
ajohnson
Recruiters
Hero Member
 Offline
Posts: 1057
aka dynamik
|
|
« Reply #100 on: September 06, 2012, 12:39:41 PM » |
|
One confession: This one box took me literally the whole day. That wasn't an easy one. Like a whole day.
It only gets worse. I went from rooting five per day at the start, to one every five days towards the end. I'm going to get into the tunneling stuff soon and might stop hacking the student network.
I can always come back and do the other servers anyway.
Not all systems exist in a bubble. Don't skimp on your research and info gathering. |
|
|
|
|
Logged
|
WIP: GCFA | www.infosiege.net | @infosiege The day you stop learning is the day you start becoming obsolete. |
|
|
|
sternone
|
|
« Reply #101 on: September 06, 2012, 04:26:00 PM » |
|
ROUTED ANOTHER ONE! SERVER COUNT 18 This was another nasty one. Buffer exploit days seems to be over...  It's all web script hacking and SQL injections from now on...  |
|
|
|
« Last Edit: September 06, 2012, 04:29:27 PM by sternone »
|
Logged
|
Try harder....hmpf!!
|
|
|
|
sternone
|
|
« Reply #102 on: September 07, 2012, 10:57:55 AM » |
|
DAY 27
Routed another one: SERVER COUNT : 19
This was nasty again. No more low hanging fruit folks. I had to hack an application, then change a lot of settings in an application so I could finally have executed code.
Wow. Not easy and very time consuming.
Do all servers have multiple access ways ? Or is that only with a few ones ?
I'm also wanting to know exactly what tools you can use on the exam so I know what to practice with.
The lab is getting really harder now.
|
|
|
|
|
Logged
|
Try harder....hmpf!!
|
|
|
|
UNIX
|
|
« Reply #103 on: September 07, 2012, 11:04:02 AM » |
|
Do all servers have multiple access ways ? Or is that only with a few ones ?
I'm not sure if all, but when I did the labs I discovered on quite a few machines more than one way to get root/SYSTEM. |
|
|
|
|
Logged
|
|
|
|
|
shadowzero
|
|
« Reply #104 on: September 07, 2012, 11:13:32 AM » |
|
Some have more than one way. Some have red herrings. Some have only one way. The notorious ones, usually only have one way. |
|
|
|
|
Logged
|
|
|
|
|
