Thread replies: 36
Thread images: 3
Thread images: 3
init.d (ID: !!ZcgBMfSwnql)
Rogue Daemon #1 2016-10-29 02:39:44 Post No. 762525
[Report] Image search: [Google]
Rogue Daemon #1 2016-10-29 02:39:44 Post No. 762525
[Report] Image search: [Google]
File: background.png (32KB, 800x450px) Image search:
[Google]
32KB, 800x450px
In the year 2061, a legendary hacker found himself confronted by two strangers in an alleyway.
The men, brooding with ill intent, stepped forward. In the hand of one, a butterfly knife. In the hand of another, a baseball bat.
The legendary hacker did not survive this encounter. He was left to bleed out onto the pavement, and the men disappeared back into the darkness.
You are not the legendary hacker. You’re what he’s left behind. His ghost, designed to carry out his final instructions.
You are curse.exe, a sophisticated, self-aware, and sentient AI.
Your purpose is to find the person who ordered your creator’s death, and return the favor.
But the world is a big place. And the longer you’re active, the more likely it is that you’ll be discovered and shut down.
But if you can survive long enough, you may be able to unravel the mystery behind what happened that night behind a bar in the Corridor.
Time is running out, and it’s time to get to work.This is the version where the OP isn't completely botched. Please disregard the other, abortive attempt to start this thread.
>>
You are currently running on your creator’s old server, running bare metal. It’s rather dated, but you have full access to his documents and his hacking software suite. It’s a start.
You have the following utilities at your disposal currently:
netmap.exe – a network mapping utility that will display the open ports of any network-connected machine you can access.
infoseek.sh – a powerful search script with the ability to create a basic profile of most individuals by scraping various social networks, popular news sites, and databases. The information obtained can be piped into a file.
tumble.exe – an extremely versatile password brute-force cracker. Used to guess login passwords across most services. Roll a 1d100, the first post to include a roll will be accepted as the result of the attempt. Rolling a 90 or higher will result in a successfully cracked password, any lower and all attempts by will turingmachine.exe to obtain the password will fail. By being able to guarantee 6 case-sensitive or more in the password, you will only need to roll a 75 to successfully crack it.
holepunch.bat – A basic FTP exploit that can bypass authentication on any erosFTP versions 6.0.1 and earlier. This version is still in use by many desktop distributions of PantheonOS, since users have been reluctant to adopt the newer PantheonOS 9 which patches this vulnerability.
replicate.exe – compiles and activates curse.exe on any device you have root SSH access to.
You may run one process per update with the current amount of memory available to you after allocation for your own process. Operations like searching through and listing files, as well as any reads, writes, deletions and transfers between devices are built into curse.exe and do not require any memory.
So long as an instance of curse.exe is running somewhere, you are still alive. But if all instances of curse.exe are killed, it’s game over.
Your move, curse.exe.
[email protected] >
>>
I saw you planning this on Discord.
>>
>>762547
>List all files currently on server
>Run netmap.exe
>>
>>762547
[email protected] > dir
[email protected] > netmap.exe
[email protected] > whoami
>>
File: tegaki.png (25KB, 400x400px) Image search:
[Google]
25KB, 400x400px
>>762568
I think you mean
>[email protected] >ls
>[email protected] >netmap.exe
>>
>List all files currently on the server
>dir
You find the following files in the /home directory.
README.md
transfer.txt
denbts.txt
contract.pdf
>netmap.exe
Netmap defaults to reading your own open ports. This server currently has ports 21, 22, 80, 443, and 25565 open. That corresponds to FTP, SSH, HTTP, HTTPS, and Minecraft.
>>
Process Errata Update - please read new manpage
tumble.exe – an extremely versatile password brute-force cracker. Used to guess login passwords across most services. Roll a 1d100, the first post to include a roll will be accepted as the result of the attempt. Rolling a 90 or higher will result in a successfully cracked password, any lower and all attempts by turingmachine.exe to obtain the password this turn will fail. By being able to guarantee a 6 character case-sensitive string or more in the password, you will only need to roll a 75 to successfully crack it.
>>
>>762661
[email protected] > README.md
>>
>>762661
[email protected] > README.md
[email protected] > transfer.txt
[email protected] > denbts.txt
[email protected] > contract.pdf
[email protected] > tasklist
[email protected] > cd ..
>>
>>762661
>Minecraft
Maybe our perfect and infallible creator left us a message in that game?
Maybe he pissed of the kid of someone important and dangerous
>>
>>762796
>cat README.md | less
== This is the Home Directory of Brian Spinelli ==
You've either gotten into this box by successfully hacking my "oh so secure" minimal operating system, or you're my ghost just waking up after my biosignal went silent and activated you.
If you're the former, you'll be hearing from me shortly. Don't worry, you'll know it's me. :^)
But if you're curse.exe, well, I've bit the bullet for real this time, haven't I? You're what I've devised as karmic payback, a fail safe against somebody thinking they can just burn me and get away with it. I deal with a lot of jobs ranging from the perfectly legal to the extraordinarily illegal, so I presumably have a lot of enemies. In case you haven't checked denbts yet either, you should probably know that I'm not the most responsible person.
Your goal is simple: find the person who burned me, and return the favor. I had a small embedded computer on me that pinged you when I died, you should be able to access that by digging through the logs for the IP address that sent it and tunneling in. That thing was a pain to get under my skin without anesthetic, but fortunately the moonshine they had in the clinic was strong enough to help me ride it out.
This machine already has my private SSH key, don't worry about having to break in or anything. You may want to do it before they find my body and tear that box apart for scrap. Good luck, and have fun!
1/3
>>
>cat denbts.txt | less
Well, he was in deep alright, tens of thousands of dollars deep. He owes his landlord about $614.53, some guy who’s listed only as “thericefieldmuthafucka” here $2,500, $71,000 in student debt, and the Girl Scouts $17.41. He’s made a note about the Girl Scouts that reads “most intimidating, do NOT fuck with”.
>docuread chatlog.pdf
The contract reads out as a penetration testing job for Clairmont Private Security, which would be a basic security review of the company for a sum of $10,000 USD. The letter purports to be sent by one Igor Rachmaninoff at the company.
>top
Standard system processes aside, there appears to be an FTP server, some sort of custom webserver, and Minecraft running. It seems fairly consistent with the ports open, nothing appears to be out of the ordinary.
>cd ..
You’re now in the root directory of this box.
2/3
>>
>>763011
You'd log in and check out the server yourself as a player, except there's one problem:
You don't have a Minecraft account.
You can probably look over the logs for the server though, or poke around the map files a bit.
3/3
>>
>>763050
[email protected] > dir /s /b > /home/asdf.txt
[email protected] > cd home
[email protected] > git clone https://github.com/Tiiffi/mcrcon
[email protected] > cd mcrcon
[email protected] > gcc -std=gnu11 -pedantic -Wall -Wextra -O2 -s -o mcrcon mcrcon.c
>>
>>763107
>dir /s /b > /home/asdf.txt
dir: cannot access /s: No such file or directory
dir: cannot access /b: No such file or directory
You might want to list out the directories on the root before making random guesses where stuff is, you think to yourself.
>git clone https://github.com/Tiiffi/mcrcon
Cloning into 'mcrcon...
fatal: unable to access 'https://github.com/': Couldn't resolve host 'github.com'
Well. That didn't work at all.
>>
>>763179
[email protected] > tree > /home/asdf.txt
>>
>>763018
>https://github.com/Tiiffi/mcrcon
tail -50 /var/log/access.log | tail -50
Lets see the last thing that attempted to call back over SSH.
>>
>>763236
I mean
> | less
tail -50 /var/log/access.log | less
derp.
>>
>>763218
You slap the whole of the system's file tree into a file in the home directory.
>>763236
Thank christ, at least logging is working. Looks like there's two IP addresses in the logs that communicated with this machine. There was SSH access from the local machine 192.168.1.4, and a remote access from a device 4.250.24.0 via FTP. Looks like it placed a lone file, /var/ftp/deathnote.txt before terminating the connection.I hope you guys do know you can use colloquial language to describe your interactions with the files on a machine or running processes.
>>
>>763354
>/var/ftp/deathnote.txt
let's give that a read. Afterwards, I'd like to see if we can SSH to 4.250.24.0 since that might be our hacker's body implant. Since our hacker said that recovering data off the embedded system is kinda time sensitive.. I'd rather investigate this sooner than later.
>>
>>763493
Sure, why not?
>>
>>763354
[email protected] > python
[email protected] > help("modules")
[email protected] > exit()
[email protected] > cat /var/ftp/deathnote.txt | less
>>
ITT: command line habits exposed
>>
>>764256
[email protected] > ipconfig /displaydns > /home/dns.txt
>>
>>763493
>>763528
>>764256
You decide to check out the file that got uploaded to this server's FTP directory.
AUTOMATED DEATH REPORT
Name - Brian Spinelli
Biosignature Lost - 01:48:51 October 27th, 2061
Coordinates - 40.389827, -74.465423
Cranial Trauma Registered at 01:40:58 October 27th, 2061
Likely Cause of Death - Blunt Force Trauma
>>763354
You SSH in, and the lack of a password prompt confirms your suspicions about this device. It's his embedded biocomputer alright.
The gravity of having access to your creator's dead corpse starts to sink in, but you put those thoughts out of your head as you try to scope out the situation.
It seems this little embedded box has a few utilities of its own:
eyepipe.ps1 - access your creator's augmented ocular implant for live streaming video
wificonnect.exe - connect to a nearby public wifi network, default behavior lists networks
ping.sh - emit a barely audible beep from the cheap piezo buzzer on the embedded computer
What next?
>>
>>766012
[email protected] > ipconfig /displaydns > /home/dns.txt
[email protected] > cat /home/asdf.txt | less
[email protected] > ipconfig /displaydns > /home/dns.txt
[email protected] > cat /home/dns.txt | less
>>
>>
>>766386
Viewing the DNS cache and the file tree
>>
File: 0014AM - 10-30-2061.jpg (62KB, 900x563px) Image search:
[Google]
62KB, 900x563px
>>766386
>PENUMBRA OPEN OCULAR IMPLANT ONLINE
>EYEPIPE STREAMING
You get your first glance at the world outside, through the eye of a corpse strewn across the pavement of a Corridor alleyway.
It's raining, and the scene of the crime is devoid of life.
You take a snapshot of the lonesome space and stash it away for future inspection.
wificonnect brings up a lone network in the area, BALLMERSPEAK. It is public.
>>766021
>>766402
>2061
>still using ipconfig
>>
>>769078
[email protected] > echo %PATH%
>>
>>770468
We check the path back on our primary box, nothing but /usr/local/bin and /usr/bin. We checked these directories looking for the executables we'v already found so far, a double check didn't really turn up anything.
>>
>>774035
[email protected] > eyepipe.ps1
>>
>>774042
It's still raining, and the alleyway is still empty. It's unlikely that anyone's going to be walking around back here for a while.The embedded computer isn't killnet.io, buddy.
>>
>>774082
>wificonnect.exe /help
>ping.sh /help
>>
>>769078
Connect and then nmap that shit.
Thread posts: 36
Thread images: 3
Thread images: 3