Official Passage Discussion

Rooted !
I actually rooted it the first time because someone dropped a very sensitive file in /tmp, and I thought that was it… Stupid me, lol. Nonetheless, please clean up your workplace before leaving.
A friend of mine told me that wasn’t supposed to be the way, so I went back to try and see if I could do it without benefiting from someone else’s carelessness.
And I did ! For some reason it took me ages to get the command to work fine, but eventually I got root.
Fun box, thanks @ChefByzen !

Oh, and I agree that the name of the box is very related to the way you become root. Maybe it makes more sense in some languages than others ?

Fun box! recommended as the first box media to start
Congrats @ChefByzen !

Pm for nudges :wink:

@crash0 said:
Rooted.
Whilst the foothold and the users were a good teaching, I think the root was a bit on the CTF side of things. After many enumeration scripts returning nothing, how on Earth should that path be visible?

I was out of hairs when I tried something dumb and it resulted in a good privesc blog post, tbh.

Congrats on rooting it!

I’m glad you were able to learn something about manual enumeration and finding user files :slight_smile: scripts don’t have all the answers… And they’ll likely get you caught if you’re not careful with them.

Is anyone else having problems with the box always being down? It’s been one complete day and I couldn’t even perform a proper enumeration because the box is always down.

Really fun box, taught me to always go back to basics, never overlook them. PM me if you’re stuck.

@blacViking said:

Is anyone else having problems with the box always being down? It’s been one complete day and I couldn’t even perform a proper enumeration because the box is always down.

There is Fail2Ban implemented. If you bruteforce anything it will ban your IP for a couple of minutes.

Hi Guys,

After getting in, any hints for the 1st user?? I’m a bit stuck…

@xxTMGxx said:

Hi Guys,

After getting in, any hints for the 1st user?? I’m a bit stuck…

It really depends on where and why you are stuck. Visit in a browser, read the links, find out what’s there, exploit it, get a shell.

Great and enjoyable machine. Getting a shell is easy, just Google it; the first and second user took me some time to figure out, and the root password took a lot of searching and looking around. PM if you need some help.

@TazWake said:

@xxTMGxx said:

Hi Guys,

After getting in, any hints for the 1st user?? I’m a bit stuck…

It really depends on where and why you are stuck. Visit in a browser, read the links, find out what’s there, exploit it, get a shell.

Got shell and inside as www-data

@xxTMGxx said:

Got shell and inside as www-data

Ok to move from that account to the next one, you need to enumerate. Find something. Make it readable. Crack it. Use it.

Hi !
I’ve easily got the user1 but I’m stuck on user2. I’ve seen that user2 left something in the home of user1, but he asks me for… what you know.
Is there a part of guessing or am I missing something ?

Thanks :slight_smile:

@Worty said:

Hi !
I’ve easily got the user1 but I’m stuck on user2. I’ve seen that user2 left something in the home of user1, but he asks me for… what you know.
Is there a part of guessing or am I missing something ?

Thanks :slight_smile:

A joke I made elsewhere today is that a lot of this is guesswork, we just call it fuzzing/enumeration to sound better.

It depends on what you mean by user1 and user2 in this context, to get a shell as root you may have gone through three “accounts” on the box (root being the fourth) but some people don’t consider one of them a “user” so may skip it in their counting.

What I would suggest is to enumerate. If you can describe what you find, you might find what you need.

@TazWake said:

@Worty said:

Hi !
I’ve easily got the user1 but I’m stuck on user2. I’ve seen that user2 left something in the home of user1, but he asks me for… what you know.
Is there a part of guessing or am I missing something ?

Thanks :slight_smile:

A joke I made elsewhere today is that a lot of this is guesswork, we just call it fuzzing/enumeration to sound better.

It depends on what you mean by user1 and user2 in this context, to get a shell as root you may have gone through three “accounts” on the box (root being the fourth) but some people don’t consider one of them a “user” so may skip it in their counting.

What I would suggest is to enumerate. If you can describe what you find, you might find what you need.

By user1 I mean the user which contains user.txt in his home folder !

@Worty said:

By user1 I mean the user which contains user.txt in his home folder !

And other things. Have a look at them.

@TazWake said:

@Worty said:

By user1 I mean the user which contains user.txt in his home folder !

And other things. Have a look at them.

And in this home I’ve seen something owned by user2 (n****) but when I try to switch to this user he asks me for a kind of password :wink: .

@Worty said:

And in this home I’ve seen something owned by user2 (n****) but when I try to switch to this user he asks me for a kind of password :wink: .

It’s worth looking for a thing which will let you access without any kind of password.

Rooted the machine, it was a fun box. User and Root both were interesting
Thanks @PapyrusTheGuru for the nudges.

User1->User2: They both share the same way to get in
For people on the root part, you just need to look at the other files too in the home.

PM if you need help

And rooted. The foothold was one of the trickiest parts. I was so confused when I couldn’t find the directory until I realized that capitalization is important.
Thanks to @ChefByzen for the awesome box

Rooted machine !

I liked this machine a lot. The users part was very easy, but for the root part it was very difficult to find what it is juice. I appreciate those who nudged me to root and pointed me to where to look.