blowfish.smashthestack.org help on level1

Hello, are someone playing the root game blowfish on smasthestack? If so and if someone are past level1 can someone help me with that level? I am stuck. I dont know what to do with the script?

I have seen SMs name on there a few times, hes great at rooting, ask him.

BC

Thanks I will but a Littel problem I cant find any member that are named SMs? Or have I got the situation wrong?

I think HBH should have a war game.

Anyone else?

I think that, but I would aslo like som tuts on that. :)

hbh rooting game FTW :D

yea I thought it would be a good idea seeing as we dont much in the way of rooting on this site.

cubeman372 wrote: I think HBH should have a war game.

Anyone else?

indeed

It would be great with some rooting lessons and challanges here =) The one we have isn't that good =P

Anyone who know a good place to find out some stuff about rooting?

I think it's a brilliant idea to have some boxes to root for HBH.

SMs == system_meltdown currently ranked #1 on HBH (last time I checked at least)

I know how to do in this level you can pm me if you want. Its a simple buffer overflow. I suggest you to download from the site all papers and tutorials about c and buffer overflow before start whit challenges that are for intermediate and advanced users so dont hope to get help. Read the pdf of Gathering of Gray about c in programming section and you will learn how to exploit that level.

AldarHawk wrote: SMs == system_meltdown currently ranked #1 on HBH (last time I checked at least)

Sorry, I dident know that.

Dont worry, anyways I really think we should get something sorted in this area anyone got any ideas?

well im as confused as bluepain on level1 i can buffer overflow but i cant see how to disassemble this one(gdb doesnt work) and it doesnt dump its core. help me O.o

Hehe… This should keep me amused for a while… Thanks whoever brought this up

can someone whos done this pm me something like how many bits after the buffer the EIP is :)

you need to work that out :p Its all part of the challenge ;)

damn lol im guessing its just guessing going up a byte at a time? lol and youre supposed to /bin/bash right?

Happysmileman wrote: Hehe… This should keep me amused for a while… Thanks whoever brought this up

No, Problem :) But I cold really need some help. ;)

Are you guys able to login to blowfish.smashthestack.org using ssh on port 2223? It gives me some error message that the host is unaccesible. :angry:

yeah i think its down at the moment :(

Read the part V pdf file of Gathering of Gray. Download this file from smashthestack site.

About System_Meltdown and nanoymaster, we all know what can do these too members, theyre very skilled hackers but atm in this challenge i saw only the nanonymaster tag in the index file LOL(you can see the larika tag also).

To beat this level you need a good knowledge of c, gdb, asm, bof. And remember is for advanced users so study before play.

Larika wrote: About System_Meltdown and nanoymaster, we all know what can do these too members, theyre very skilled hackers but atm in this challenge i saw only the nanonymaster tag in the index file LOL(you can see the larika tag also).

Yes, I gave up with the shitty simulations I prefer to root a real box

My box is still up for rooting. If simulations bore you :)

Info please :evil:

Im agree, i prefer real rooting and webhacks too. But im not agree whit the shitty simulations thing. Smashthestack offer very good simulation in which you can learn and test your skills about c,asm,bof etc as HBH do for other things. I dont understand why you dont consider HBH challenges shitty simulations too. When HBH will offer more rooting challenges youll leave these to us? I think not. These sites offer to us a good opportunity and support to learn a lot of things, and they deserve our respect.

The problem with rooting is not many ISPs like the idea of you using their lines to allow someone to hack your computer.

They tend to get a lil skiddish. (skiddish != Skiddy)

Bl4ckC4t

If skiddish is != Skiddy what is it equal to?

Grindordie wrote: [quote]mr noob wrote: hbh rooting game FTW :D

Actually we used to have one, we had two events. They were real machines but people couldn't hack them. (even though most services were vulnerable). During the second event, people lost interest and gave up. Thats why HBH doesnt have any more rooting challenges. [/quote]

How about bringing them back for a while? There's more members now and quite a few are keen on the idea.

When did we have the second one????

confused

cubeman372 wrote: If skiddish is != Skiddy what is it equal to?

The word skiddish as in apprehensive.

BC

[edit] Damn misspelled words..[/edit]

I see, Blackcat.

Yea it would be awesome if you would bring rooting back!

cubeman372 wrote: My box is still up for rooting. If simulations bore you :)

^^ donate !

If I recall, SkareCrow won that last competition, which I was very close to beating with the same SSH method.

once you are running your virtual server then what… thats what I'm slightly confused with, do I just hand out the IP or do I need to do more setting up?