Official Passage Discussion

1246710

Comments

  • edited September 7
    @maurotambo

    Brute-forcing isn't the way. Just read some articles in google about the WebPage.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Rooted . Easy box. PM for help!

  • in case anyone is stuck where I was: try

    sed 's/[[:blank:]]*$//'

  • i am actually really confused for user 2 looked at so much stuff, but no result. Any hints?

  • Type your comment> @LegendHacker said:
    > i am actually really confused for user 2 looked at so much stuff, but no result. Any hints?

    What is a file that could belong to another user?

    limelight

  • edited September 7

    Type your comment> @limelight said:

    Type your comment> @LegendHacker said:

    i am actually really confused for user 2 looked at so much stuff, but no result. Any hints?

    What is a file that could belong to another user?

    used the find command but still nothing interesting :(

  • Type your comment> @LegendHacker said:
    > Type your comment> @limelight said:
    >
    > (Quote)
    > used the find command but still nothing interesting :(

    Don't look at ownership. Look at contents.

    limelight

  • Type your comment> @limelight said:

    Type your comment> @LegendHacker said:

    Type your comment> @limelight said:

    (Quote)
    used the find command but still nothing interesting :(

    Don't look at ownership. Look at contents.

    I don't get it lol

  • Im stuck after getting the reverse shell. Can somebody give me a hint where to search for getting the access to one of the users?

  • Rooted. I got the foothold nice and quick then found the required details for the next user.... only to not use it and forget I'd found it. Got there eventually.
    Feel free to PM for pointers.

    Arrexel
    eJPT

  • edited September 7

    Deleted.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Genuinely enjoyable box and pleased that I could make progress after about 8 hours of total fail on laser.

    The flow is fairly methodological. Enumeration (as always) is key and public exploits get things started.

    It's a good box to practice copying files off and scripting translations between encoding.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Got Root :)
    For the root flag, wouldn't be able to do it without the hints in the Forum.
    And even so, was looking for the wrong PRIV for hours :smiley:

  • Rooted. idk what people are talking about read a book or a novel or whatever, and I don't get how the name of the box plays into the rooting method. Maybe I missed something, lol.

    Otherwise, not too easy, not too hard, just right.

    Hack The Box

  • @pizzapower said:

    I don't get how the name of the box plays into the rooting method.

    Box names can mean lots of things, it isn't that common for them to relate to root specifically. Magic and Quick for example were both named as a hint to the initial foothold.

    Sometimes it is even just the name of a website hosted on the target machine.

    But yeah, on this box I am not sure what the name is related to.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Rooted yesterday. Fun box! PM for nuggets. Let me know what you tried first though ;)

    Hack The Box
    If I helped you, I would love it if you cold +rep me on my HTB proifle.
    Somehow OSCP

    Also I will reply quicker on Discord. Hit me up Fr0sty 9#9550

  • Rooted!

    PM for nudges

  • I got a shell and i found h***es.txt file but the content is super messed up and none of those hashes seems to be crackable... any nudges?

  • edited September 8
    @pedroguerrap said:

    > I got a shell and I found h***es.txt file but the content is super messed up and none of those hashes seems to be crackable... any nudges?

    You might miss something.
    Check what type of Hash it in here before trying to crack https://www.tunnelsup.com/hash-analyzer/

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • @gunroot I figured out what I was doing wrong, now I'm trying to get root, I was stuck for so long bc of stupid mistake...

  • It's been two days, I had no idea how many people would be trying this within the first week.

    Well done, everyone

    ChefByzen
    If I helped you out at all, feel free to click my badge and give +1 respect!

  • really easy machine but very cleaver one different than others!!! well done @ChefByzen

    Scorpion4347

  • Got User 1 and User 2. Tried looking around if there's any binary or file that stands out, but couldn't find any. Not sure what the ""staying home..." tips exactly mean. I'll appreciate any sort of help.

  • Spoiler Removed

    Scorpion4347

  • rooted, PM for help

  • Initial foothold took me longer than it should have taken, simply following the information given.
    User1, was on right piece but ignored it first
    User2, facepalm
    root, once knowing where to look for, easy to find the right way

  • Rooted! Pretty fun box! feel free to PM for help!

    SIG

  • edited September 8

    Spoiler Removed

    Serious? Ohh a small sploiler... Bill Joy will not be happy...

    Fr0Ggi3sOnTour

  • Good easy box to not get rusty (I'm ashamed of myself running in circles for hrs not finding the user1 -> user2 "transit area").
    Enjoyed the release arena a lot. Box is active in seconds and you have the box for yourself.

    k4wld
    Discord: k4wld#5627

  • edited September 8

    Type your comment> @TazWake said:

    But yeah, on this box I am not sure what the name is related to.

    Maybe relates to the user1 -> user2 "transit / passage"?

    k4wld
    Discord: k4wld#5627

Sign In to comment.