HTB - writeup - challenges - pwn - Dream Diary: Chapter 1
by R1n0 - June 14, 2019 at 10:04 AM
#1
HackTheBox pwn challenge  Dream Diary: Chapter 1 Writeup


[Image: ZZlsLT4.png]

Hidden Content
You must register or login to view this content.


*buy flags
Reply
#2
nice Dodgy Dodgy Dodgy
Reply
#3
hey mate i run the python script, and it SAYS its giving me RCE, but no commands work. once its connected, how do i get the flag out?
Reply
#4
(June 25, 2019 at 01:37 PM)adobereaderisgood Wrote: hey mate i run the python script, and it SAYS its giving me RCE, but no commands work. once its connected, how do i get the flag out?
Having the same issue, did you fix it?
Reply
#5
(June 27, 2019 at 08:07 PM)NtxT Wrote:
(June 25, 2019 at 01:37 PM)adobereaderisgood Wrote: hey mate i run the python script, and it SAYS its giving me RCE, but no commands work. once its connected, how do i get the flag out?
Having the same issue, did you fix it?

nah i have not looked into it any further, but i will let you know if i come up with something!
Reply
#6
(June 28, 2019 at 01:15 AM)adobereaderisgood Wrote:
(June 27, 2019 at 08:07 PM)NtxT Wrote:
(June 25, 2019 at 01:37 PM)adobereaderisgood Wrote: hey mate i run the python script, and it SAYS its giving me RCE, but no commands work. once its connected, how do i get the flag out?
Having the same issue, did you fix it?

nah i have not looked into it any further, but i will let you know if i come up with something!

If only he gave us the flag as well... i paid for a non-working script, sweet...
Reply
#7
If you read in the script:
   
'''
    Script configuration during exploit developement and exploitation
    phase. Change accordingly depending on the environment.
'''
this indicates that there are variables that can change and must be changed, at 90% you could be blocked for this, however this script is wrote by xero, the creator of the Challenge.


the flag is not present because it was not present in the original content. (i was able to get it)

if you are unable to read a writeup and study accordingly, you should not take writeups.

I am sorry if it can sound not friendly but I am not here to help you learn the things that you are doing, i just share a content, which I considered valid, that you must able to use if you "buy" it.
Reply
#8
thanks for the information, seems to very hard
Reply
#9
(June 28, 2019 at 01:27 PM)R1n0 Wrote: If you read in the script:
   
'''
    Script configuration during exploit developement and exploitation
    phase. Change accordingly depending on the environment.
'''
this indicates that there are variables that can change and must be changed, at 90% you could be blocked for this, however this script is wrote by xero, the creator of the Challenge.


the flag is not present because it was not present in the original content. (i was able to get it)

if you are unable to read a writeup and study accordingly, you should not take writeups.

I am sorry if it can sound not friendly but I am not here to help you learn the things that you are doing, i just share a content, which I considered valid, that you must able to use if you "buy" it.

I changed all those environment variables according to my machine...
Reply
#10
Thank you for the flag share :D
Reply
#11
Note to anyone buying this: you aren't getting a flag. Just a writeup that does not contain the flag.
This forum account is currently banned. Ban Length: Permanent (N/A).
Ban Reason: Failure to reply to active scam report / Scamming.
Reply
#12
(August 04, 2019 at 03:09 PM)Jambi123 Wrote: Note to anyone buying this: you aren't getting a flag. Just a writeup that does not contain the flag.
Yeah, the writeups should not contain them, but sometimes you can find them inside. if was related to directly to flag sharing, it would have another title.
(if you have the necessary skills, you can follow this solution for get the flag, or just try to learn something new Sleepy )
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
HTB - writeup - challenges - pwn - Ropme R1n0 5 1,464 January 22, 2020 at 08:01 PM
Last Post: siftmaxin

 Users browsing this thread: 1 Guest(s)