The Slut-Box Page

Details

In order to try the slut-box out, you need to read the instructions.

News

Fri May 6 09:43:32 2005: ice ist gut

Jesus god christ what a guy. Really. Who told him how to hack slutbox? This guy is just unbelievably amusing. I was just reading the logs - here's what he has managed:

  1. Compiled 'linux.c' (many, many times!) without uploading it
  2. Uploaded a large part of his 'My Documents' folder
  3. Gotten frustrated, deleted his 'My Documents' folder (from slut-box)
  4. Given up, ended the connections
  5. Tried again, issued command 'root' several times hoping to get root
  6. Finally uploaded the dreaded 'linux.c' and even compiled it OK, but
  7. Tried like 6 separate wrong command lines to execute the resulting executable
  8. Given up again, ended the connections
  9. Returned again, downloading the bash history file
  10. Ran random commands from it, getting himself lost in the 'passwd' tool
  11. Finally ROOTed the slutbox!
  12. Many failed attempts using 'cd /root', including some after he already was in '/root'
  13. Numerous troubles creating a greetz file, especially with his nick "!cE" that gets interpreted by the shell
  14. Finally got the greetings right (sort of) and left right after that
  15. At this point, some other guy logged in and tried to run !cE's exploit quite a few times, unsuccessfully
  16. !cE returned again! Again having trouble with running the exploit and changing the directory and leaving a message
  17. Left (for good, I think)

Not to mention using ftp to get listings of the directories (he did discover 'ls' later on, though).

Now, although this is funny, it's nothing to be ashamed of. We all started from nothing, and !cE's resilience and repeated (although comical) attempts to get things done, which actually worked in the end, are really amazing (considering that most people just run a portscan or nessus scan on the box and leave right after that). You have my respect.

Ah, yes, the greetings:

[root@zoot /root]# cat file.txt 
blub
owned by ice greetz to gsc and thanks tuxi for helping. this is the 3 german person that owned this boxs!

Would you consider writing a short summary of how you managed to hack the slutbox and what difficulties you faced in the process? You probably have just the right perspective that many more skilled attackers may lack. It would be perfect. Oh please write something!

Sun May 1 10:35:04 2005: Matt alias Mentality scores
[root@zoot /root]# cat Owned.by.Mentality 
Woot. Nice Challenge

He tried several exploits but it was the ptrace exploit that let him gain root (although this was a different version of the ptrace exploit).

On a different note, I might change the OS next week. If you have any suggestions, let me know. Or just come back and see what has been installed.

Wed Apr 21 14:57:31 2005: Don't give out user accounts
[root@zoot /root]# cat tuxi.rulez 
###########
Owned by tuxi
I owned the box through an old non-public root exploit
I have not deletet it but please don't public

Greets to the hole GSC-Team and to Phuket :-D
and yes i am the third hacker of germany
btw. very nice g4m3 :-D
###########

If I haven't missed any, this should be the 4th time slutbox has been owned. This time, however, tuxi didn't use the "lame ftp vulnerability" - in fact, tuxi promised to fix it the next time! A local ptrace exploit did the trick.

I rm'd the exploit so that not just anybody could own the box right after logging on.

Tue Apr 12 23:31:00 2005: User account

For those who wish to try local exploits (there should be plenty of them), the username/password combination wargame/wargame might come in handy.

Sun Apr 10 19:19:40 2005: Yet More Ownage
[root@zoot /root]# ls
owned  owned.by.Jubel
[root@zoot /root]# cat owned
Phuket was here
Thx for this cool game ;)
Hello World :P
Jubeltrubel was here, thx for this nice game
Greetz fly out to Phuket,Crip,M8 and the Hoster :) cYa

The ftp hole once more, I have reason to believe. Anyone want to fix it? :)

Sun Apr 10 09:17:52 2005: Forwarding didn't work..

There was a problem with the forwarding script finding the iptables executable. I can't imagine how that ever happened. Anyway, online again (hopefully).

Thu Apr 7 10:23:42 2005: Apparently, slut-box has been owned!
[root@zoot /root]# cat owned
Phuket was here
Thx for this cool game ;)

Owned by Phuket! Shit!

Slightly later the same day we got another (anonymous) guy owning the box. So, that's the first two out-of-house break-ins on the same day. As both used the same hole in ftpd, I need to ask: are there any other ways to get in? Hopefully we'll find out.

Sun Mar 27 12:48:15 2005: Slut-box is up and running

Try it out. For instructions, read this.