Official Passage Discussion

cant figure out the right binary for root!
a little help guyz

just rooted this box, but the way I rooted it was more of guess work, does anyone care to PM me about how you got to know about this exploit. And someone in the discussion said that there are more then one way to get to root, anyone wants to discuss about it?

hey everyone ! I’ve been stuck on root for a long time and clues here don’t really help me… Tried a bunch of stuff, enumerated a lot but I’m clearly missing something (but I’m a beginner)…

@Slowtech said:

hey everyone ! I’ve been stuck on root for a long time and clues here don’t really help me… Tried a bunch of stuff, enumerated a lot but I’m clearly missing something (but I’m a beginner)…

When you enumerate, look at all the files you can find which would normally come up on a enum search. Check them out and see if any can be exploited. There is a good blog post on how to use it.

Rooted,
Fun box :slight_smile: - awesome work @ChefByzen
Thank you @TazWake for the initial nudge :slight_smile:

Rooted !
Thanks @TazWake and @ChefByzen for the nudge, I totally missed the file, thinking it was not supposed to be here…
Really fun box, learned a lot on this one

Wonderful machine! Thanks @ChefByzen. Root was fantastic - I’m happy that I could study (and exploit) that vulnerability.

Very Interesting and fun box … First box on HTB that I did in one day :smiley:

Initial Foothold :

  • Look through the website properly you will find clues
    User 1:
  • Result of initial foothold is sufficient enough to get you this user
    User 2:
  • Dig through all the files and you will find interesting stuff
    User 3:
  • Its just a call away…Keep your brain’s window wide open
    Root:
  • So far the only trickiest thing in the whole box … follow previous hints “Stay Home” the passage to other world goes underground.

DM me for nudges . Lovely box

got both users fast but stuck on root for several days… cant find anything interesting in home directory :frowning: my thoughts were that i can do smthing with .X**** file but i still cant find decision. can anyone help me please to take me in right way? PM or here.
thank you! :slight_smile:

@he110w0r1d said:

got both users fast but stuck on root for several days… cant find anything interesting in home directory :frowning: my thoughts were that i can do smthing with .X**** file but i still cant find decision. can anyone help me please to take me in right way? PM or here.
thank you! :slight_smile:

The best non-spoiler I can come up with is:

Type your comment> @TazWake said:

@he110w0r1d said:

got both users fast but stuck on root for several days… cant find anything interesting in home directory :frowning: my thoughts were that i can do smthing with .X**** file but i still cant find decision. can anyone help me please to take me in right way? PM or here.
thank you! :slight_smile:

The best non-spoiler I can come up with is:

Official Passage Discussion - #232 by TazWake - Machines - Hack The Box :: Forums

Thank you, @TazWake ! Checked everything again line by line and found a solution.
Nice and funny machine.

DONE! What a box!

root@passage:~# pwd && id
/root
uid=0(root) gid=0(root) groups=0(root)

To those who stuck on root - you can be sure you’re on the right way staying home, and also don’t forget to watch for processes running by root. I hope it’s not much of a spoiler. If you cannot find any interesting file inside home, read all the files again and again, you’ll finally get what you need. pspy might help you connect some dots together, and direct you to the correct path. And the last - always take it easy, don’t get frustrated.

Have fun from process, not result.

Type your comment> @carbide said:

To those who stuck on root - you can be sure you’re on the right way staying home, and also don’t forget to watch for processes running by root. Pspy might help you.

This is wrong/unintended. Try the same after resetting the machine. You can’t see what you saw already in ‘ps’ and ‘pspy’ will not connects the dots together. This happens when you doing the machine which is already compromised by someone and left it in broken state. Make sure to reset it and try again. :slight_smile:

Type your comment> @gunroot said:

Type your comment> @carbide said:

To those who stuck on root - you can be sure you’re on the right way staying home, and also don’t forget to watch for processes running by root. Pspy might help you.

You can’t see what you saw already in ‘ps’ and ‘pspy’ will not connects the dots together.

Actually I saw that thing everytime I ran pspy, and I ran it many times to be honest, as I spent 1.5 days working on the machine. I was just unable to notice it, or maybe I was, but even the idea of it being the way to go seemed idiotic to me.

Reading hints here not only doesn’t help one, it implicitly makes it even worse for the following reasons: these hints are confusing, non-making any sense, make you question your current direction and, finally, your own skills. There’s only one percent of 1% who really bother to provide useful hints and not leave a spoiler (pretty hard) to those who really need help and are stuck, the rest just bother to show everyone they haxed the machine, that they have skills or something like that.

So, I strongly recommend always follow yours own intuition, and if you need a hint, you can just DM someone and ask them to give you a clear hint, as hints that are meant to be useful and not spoiling at the same time are very confusing, and unlikely are to help.

@carbide don’t take it deep. I’m also pwned this machine exactly the same way you did. For a clarification, I asked the Machine Creator if this is the way or not. He said that my way is an unintended method. So I again did the root part after resetting in the intended way.

Moreover, people can’t give a direct hint here as it will be flagged as spoiler. All they can do is providing a blurry pointer to us.

Let’s discuss about this one. :wink:

Anyone able to help with root?

@wooly13 said:

Anyone able to help with root?

Yes

Type your comment> @wooly13 said:

Anyone able to help with root?

Yes, if you mention where you’re stuck.

rooted finally, very funny box :slight_smile: