TUTORIAL RopeTwo
by terobau - October 27, 2020 at 04:48 PM
#13
(November 02, 2020 at 05:27 PM)dory23 Wrote:
(November 02, 2020 at 04:55 PM)mandoline Wrote:
(November 02, 2020 at 03:53 PM)dory23 Wrote: use /usr/bin/rshell to escalate to r4j


nice, a restricted shell. But how to escape ?

use google and there is a website that has the enough documentation about this shell and how do  they work

It's not a restricted shell that you are thinking, download the binary and reverse it.....
It has got UAF
Reply
#14
(November 04, 2020 at 02:16 AM)D0v3 Wrote: RopeTwo user and easy root:

[Hidden Content]

zip file password protected!!!
What is the password?
Reply
#15
(November 04, 2020 at 04:50 AM)Consigliere Wrote:
(November 04, 2020 at 02:16 AM)D0v3 Wrote: RopeTwo user and easy root:

[Hidden Content]

zip file password protected!!!
What is the password?

root hash
Reply
#16
(November 04, 2020 at 04:51 AM)D0v3 Wrote:
(November 04, 2020 at 04:50 AM)Consigliere Wrote:
(November 04, 2020 at 02:16 AM)D0v3 Wrote: RopeTwo user and easy root:

[Hidden Content]

zip file password protected!!!
What is the password?

root hash
Ok....so you sell a password protected zip file without password..........
Reply
#17
(November 02, 2020 at 05:47 PM)terobau Wrote:
(November 02, 2020 at 05:27 PM)dory23 Wrote:
(November 02, 2020 at 04:55 PM)mandoline Wrote:
(November 02, 2020 at 03:53 PM)dory23 Wrote: use /usr/bin/rshell to escalate to r4j


nice, a restricted shell. But how to escape ?

use google and there is a website that has the enough documentation about this shell and how do  they work

It's not a restricted shell that you are thinking, download the binary and reverse it.....
It has got UAF
Hi!
Could you explain the UAF please?
I need to play with the size of files somehow?
Reply
#18
Guys anyone got user please give that heap exploit.
Reply
#19
(November 16, 2020 at 11:57 AM)teksius Wrote:
(November 02, 2020 at 05:47 PM)terobau Wrote:
(November 02, 2020 at 05:27 PM)dory23 Wrote:
(November 02, 2020 at 04:55 PM)mandoline Wrote:
(November 02, 2020 at 03:53 PM)dory23 Wrote: use /usr/bin/rshell to escalate to r4j


nice, a restricted shell. But how to escape ?

use google and there is a website that has the enough documentation about this shell and how do  they work

It's not a restricted shell that you are thinking, download the binary and reverse it.....
It has got UAF
Hi!
Could you explain the UAF please?
I need to play with the size of files somehow?

add a file
then edit it while editing it pass size 0, now the chunk should be freed but you still have access to that chunk pointer

(November 16, 2020 at 12:42 PM)0xvijay Wrote: Guys anyone got user please give that heap exploit.
i can give you exploit, but not for free
Reply
#20
(November 16, 2020 at 01:39 PM)terobau Wrote:
(November 16, 2020 at 11:57 AM)teksius Wrote:
(November 02, 2020 at 05:47 PM)terobau Wrote:
(November 02, 2020 at 05:27 PM)dory23 Wrote:
(November 02, 2020 at 04:55 PM)mandoline Wrote: nice, a restricted shell. But how to escape ?

use google and there is a website that has the enough documentation about this shell and how do  they work

It's not a restricted shell that you are thinking, download the binary and reverse it.....
It has got UAF
Hi!
Could you explain the UAF please?
I need to play with the size of files somehow?

add a file
then edit it while editing it pass size 0, now the chunk should be freed but you still have access to that chunk pointer

(November 16, 2020 at 12:42 PM)0xvijay Wrote: Guys anyone got user please give that heap exploit.
i can give you exploit, but not for free

PM me i cant pm you
Reply
#21
anyone have idea to get user or root?
Reply
#22
damn son ... rope 2

hats off to u !!!

;-)
Reply
#23
Any updates on user part....?
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
BUYING ROPETWO ROOT HASH (Buying) 0xvijay 2 298 November 23, 2020 at 03:54 PM
Last Post: 0xvijay
TUTORIAL RopeTwo kiddohacker 4 1,316 November 20, 2020 at 04:15 AM
Last Post: 0xvijay
TUTORIAL RopeTwo fr0z3nsp4z3 3 939 October 25, 2020 at 11:59 AM
Last Post: fr0z3nsp4z3

 Users browsing this thread: 2 Guest(s)