วีดีโอ

I am here.😁😁😁

You're doing a fantastic job! Just a quick off-topic question: My OKX wallet holds some USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). Could you explain how to move them to Binance?

1st

How you identify ip of the machine?

Amazing as always.❤❤❤

I am downloading panabee...😁😁😁

I am here.😁😁😁

I am here.😁😁😁

nice

Thanks for the breakdown! Could you help me with something unrelated: I have a SafePal wallet with USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). Could you explain how to move them to Binance?

I am here.😁😁😁

Nice

This was almost annoying and definitely not an easy machine; I wonder why the author described it that way😄😄

Erverytime I practice on a new box, I learn something new.😁😁😁

I have been learning. I plan to practice at least one machine a week, since I want to robust my foundation of hacking and pen-testing, I have to review network fundamental knowledge and keep practicing coding. After my foundation is robusted, I think I can practice more machines a week. 😁😁😁

I will do this machine, today.😁😁😁Thx

i did everything same as you but when i input it doesn`t output the /bin/bash line, only /bin/su and others, so i can`t escalate. why is that?

Please raise your voice 🙏

I am here.😁😁😁

What should happen after we got the flag.txt on Straylight

Thank you for your video

Thank you for uploading videos every day.

I am here.😁😁😁

I like your skills ❤

Nice

I am here.😁😁😁

take care of your health.

Improve you captions ie label the vulnhub as depicting the technology ie apis, ssrf,csrf etc if they are web

I am here.😁😁😁

Thank you for your video

I have been recently having some difficulties using my NAT Network, so that my kali and vulnhub machines can share the same network. It used to work, but for some reason it doesn't now, it shows the network is disconnected. I literally tried everything, but still can't. If you could help please?

❤❤❤❤. Amazing as always

I am here.😁😁😁

❤

:)

I am here.😁😁😁

I am here.😁😁😁

Thank you for your video

Thank You

and BONUS; **OUT** and **GUESS** in uppercase likely indicate something significant. Searching on Google, we found the following information about **Outguess**: Outguess is a tool that allows you to hide messages within images. It analyzes an image to find redundant bits that can be altered without causing noticeable changes. By accessing the root user's `bash_history` file, we identified the exact command executed: ```bash $ outguess -d flag2.txt blacklight.jpg flag2-inside.jpg ``` To reverse this process, simply run: ```bash $ outguess -r flag2-inside.jpg flag2.txt Reading flag2-inside.jpg.... Extracting usable bits: 18496 bits Steg retrieve: seed: 180, len: 133 # cat flag2.txt {flag2:88ea7554cbc7e89526943e9ad5d3ce2ed5ec3db4} ``` **Francis Bacon says:** `BAAAAAABAAAAAAAAAABB AABAABAABAAAABA AAAABAAAAAAAABAABBABABBAA` **Second flag identified.** Further analysis of the `bash_history` file revealed another command: ```bash $ nano /etc/bacon ``` Since this file is not native to the system, it’s worth investigating: ```bash $ cat /etc/bacon {flag3:7cc90cfe5304801c0ed71d76bb4a92062d967bb9} Congratulations! Thanks for using BLACKLIGHT v1! I hope you enjoyed this CTF and come back for more :) ``` **All flags found!** --- ### **Bonus:** You might have noticed that the admin console (mk1) provided a command called `readhash`. ```bash $ nc 10.0.2.13 9072 BLACKLIGHT console mk1. Type .help for instructions .help .readhash - Get one step closer .exec - Execute commands .quit - Exit the server ``` The output of this command is a SHA-256 hash: ```bash .readhash b5f4723bd6df85b54b0905bd6d734be9ef1cc1eb977413a932a828b5c52ef5a6 You have one more command until the server shuts down. Choose wisely! ``` **Hash-Identifier confirmed this as SHA-256.** To crack the hash, we attempted using a dictionary from the `robots.txt` file but were unsuccessful: ```bash $ john --format=raw-sha256 --wordlist=blacklight.dict hash.txt Using default input encoding: UTF-8 Loaded 1 password hash (Raw-SHA256 [SHA256 128/128 SSE2 4x]) Press 'q' or Ctrl-C to abort, almost any other key for status 0g 0:00:00:00 DONE (2018-10-23 20:13) 0g/s 9950p/s 9950c/s 9950C/s zzzzzz..covfefe Session completed ``` **Better luck next time!**

**Outguess** is a tool that enables you to hide messages within images. It analyzes an image looking for redundant bits that can be modified without causing noticeable changes. By accessing the `bash_history` file of the root user, we identified the exact command that was executed: ```bash $ outguess -d flag2.txt blacklight.jpg flag2-inside.jpg ``` To reverse the process, simply run: ```bash $ outguess -r flag2-inside.jpg flag2.txt Reading flag2-inside.jpg.... Extracting usable bits: 18496 bits Steg retrieve: seed: 180, len: 133 # cat flag2.txt {flag2:88ea7554cbc7e89526943e9ad5d3ce2ed5ec3db4} ``` **Francis Bacon says:** `BAAAAAABAAAAAAAAAABB AABAABAABAAAABA AAAABAAAAAAAABAABBABABBAA` **Second flag identified.** Further analysis of the `bash_history` file revealed another command: ```bash $ nano /etc/bacon ``` Since we know this file is not native to the system, it’s worth taking a look: ```bash $ cat /etc/bacon {flag3:7cc90cfe5304801c0ed71d76bb4a92062d967bb9} Congratulations! Thanks for using BLACKLIGHT v1! I hope you enjoyed this CTF and come back for more :) ``` **All flags found!**

I used GVIM to edit the bin file to hex file. It works.😁😁😁

And I saved the hex file and successfully used xxd to transfer it back to bin . it works...😁😁😁finally.

The problem is the content has the hex codes but it does not have the string in the far right.🤣🤣🤣

I tried another editor hexedit and it did not work...🤣🤣🤣

I changed the font of the vim and it did not work.🤣🤣🤣

Because when I cat the file the content is readable, I think I need to change the font of the vim?🤣🤣🤣

I tried to set the font of the system but I did not know which one to choose. Usually, I choose UTF8

what can I do?😁😁😁

I get a problem, I have dumped the client.bin file but when I use the vim to open file, the content is not like yours but when I cat the client.bin.dump, the content is exactly like yours, and I think I need to set the font of the vim, or the font of the system, but I do not know how. Helps. thx