Official Passage Discussion

@maurotambo

Brute-forcing isnā€™t the way. Just read some articles in google about the WebPage.

Rooted . Easy box. PM for help!

in case anyone is stuck where I was: try

sed ā€˜s/[[:blank:]]*$//ā€™

i am actually really confused for user 2 looked at so much stuff, but no result. Any hints?

Type your comment> @LegendHacker said:

i am actually really confused for user 2 looked at so much stuff, but no result. Any hints?

What is a file that could belong to another user?

Type your comment> @limelight said:

Type your comment> @LegendHacker said:

i am actually really confused for user 2 looked at so much stuff, but no result. Any hints?

What is a file that could belong to another user?

used the find command but still nothing interesting :frowning:

Type your comment> @LegendHacker said:

Type your comment> @limelight said:

(Quote)
used the find command but still nothing interesting :frowning:

Donā€™t look at ownership. Look at contents.

Type your comment> @limelight said:

Type your comment> @LegendHacker said:

Type your comment> @limelight said:

(Quote)
used the find command but still nothing interesting :frowning:

Donā€™t look at ownership. Look at contents.

I donā€™t get it lol

Im stuck after getting the reverse shell. Can somebody give me a hint where to search for getting the access to one of the users?

Rooted. I got the foothold nice and quick then found the required details for the next userā€¦ only to not use it and forget Iā€™d found it. Got there eventually.
Feel free to PM for pointers.

Deleted.

Genuinely enjoyable box and pleased that I could make progress after about 8 hours of total fail on laser.

The flow is fairly methodological. Enumeration (as always) is key and public exploits get things started.

Itā€™s a good box to practice copying files off and scripting translations between encoding.

Got Root :slight_smile:
For the root flag, wouldnā€™t be able to do it without the hints in the Forum.
And even so, was looking for the wrong PRIV for hours :smiley:

Rooted. idk what people are talking about read a book or a novel or whatever, and I donā€™t get how the name of the box plays into the rooting method. Maybe I missed something, lol.

Otherwise, not too easy, not too hard, just right.

@pizzapower said:

I donā€™t get how the name of the box plays into the rooting method.

Box names can mean lots of things, it isnā€™t that common for them to relate to root specifically. Magic and Quick for example were both named as a hint to the initial foothold.

Sometimes it is even just the name of a website hosted on the target machine.

But yeah, on this box I am not sure what the name is related to.

Rooted yesterday. Fun box! PM for nuggets. Let me know what you tried first though :wink:

Rooted!

PM for nudges

I got a shell and i found h***es.txt file but the content is super messed up and none of those hashes seems to be crackableā€¦ any nudges?

@pedroguerrap said:

I got a shell and I found h***es.txt file but the content is super messed up and none of those hashes seems to be crackableā€¦ any nudges?

You might miss something.
Check what type of Hash it in here before trying to crack Hash Analyzer - TunnelsUP

@gunroot I figured out what I was doing wrong, now Iā€™m trying to get root, I was stuck for so long bc of stupid mistakeā€¦