Official Passage Discussion


Comments

  • Is anyone else having problems with the box always being down? It's been one complete day and I couldn't even perform a proper enumeration because the box is always down.

  • Really fun box, taught me to always go back to basics, never overlook them. PM me if you're stuck.

    Feel free to PM me, but please ask good questions: https://www.shorturl.at/fmAX6

  • @blacViking said:
    > Is anyone else having problems with the box always being down? It's been one complete day and I couldn't even perform a proper enumeration because the box is always down.

    There is Fail2Ban implemented. If you bruteforce anything it will ban your IP for a couple of minutes.

    sparrow1

  • Hi Guys,

    After getting in any hints for 1st user ?? Have stuck a bit..

    Hack The Box

  • @xxTMGxx said:

    > Hi Guys,
    >
    > After getting in any hints for 1st user ?? Have stuck a bit..

    It really depends on where and why you are stuck. Visit in a browser, read the links, find out what's there, exploit it, get a shell.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I can't help. This isn't Twitter so my DMs are always open.

  • Great and enjoyable machine. Get a shell is easy just Google it, first and second user took me some time to figure out the way and root password lot of searching and looking around. PM if you need some help.

  • @TazWake said:

    > @xxTMGxx said:
    >
    > > Hi Guys,
    > >
    > > After getting in any hints for 1st user ?? Have stuck a bit..
    >
    > It really depends on where and why you are stuck. Visit in a browser, read the links, find out what's there, exploit it, get a shell.

    Got shell and inside as www-data

    Hack The Box

  • @xxTMGxx said:

    > Got shell and inside as www-data

    Ok to move from that account to the next one, you need to enumerate. Find something. Make it readable. Crack it. Use it.

    TazWake


  • edited September 2020

    Hi !
    I've easily got the user1 but I'm stuck on user2. I've seen that user2 left something in the home of user1, but he asks me for.. what you know.
    Is there a part of guessing or am I missing something ?

    Thanks :)

  • @Worty said:

    > Hi !
    > I've easily got the user1 but I'm stuck on user2. I've seen that user2 left something in the home of user1, but he asks me for.. what you know.
    > Is there a part of guessing or am I missing something ?
    >
    > Thanks :)

    A joke I made elsewhere today is that a lot of this is guesswork, we just call it fuzzing/enumeration to sound better.

    It depends on what you mean by user1 and user2 in this context. To get a shell as root you may have gone through three "accounts" on the box (root being the fourth) but some people don't consider one of them a "user" so may skip it in their counting.

    What I would suggest is to enumerate. If you can describe what you find, you might find what you need.

    TazWake


  • @TazWake said:

    > @Worty said:
    >
    > > Hi !
    > > I've easily got the user1 but I'm stuck on user2. I've seen that user2 left something in the home of user1, but he asks me for.. what you know.
    > > Is there a part of guessing or am I missing something ?
    > >
    > > Thanks :)
    >
    > A joke I made elsewhere today is that a lot of this is guesswork, we just call it fuzzing/enumeration to sound better.
    >
    > It depends on what you mean by user1 and user2 in this context. To get a shell as root you may have gone through three "accounts" on the box (root being the fourth) but some people don't consider one of them a "user" so may skip it in their counting.
    >
    > What I would suggest is to enumerate. If you can describe what you find, you might find what you need.

    By user1 I mean the user which contains in his home folder user.txt !

  • @Worty said:

    > By user1 I mean the user which contains in his home folder user.txt !

    And other things. Have a look at them.

    TazWake


  • @TazWake said:

    > @Worty said:
    >
    > > By user1 I mean the user which contains in his home folder user.txt !
    >
    > And other things. Have a look at them.

    And in this home I've seen something owned by user2 (n****) but when I try to switch to this user he asks me for a kind of password ;) .

  • @Worty said:

    > And in this home I've seen something owned by user2 (n****) but when I try to switch to this user he asks me for a kind of password ;) .

    It's worth looking for a thing which will let you access without any kind of password.

    TazWake


  • edited September 2020

    Rooted the machine, it was a fun box. User and Root both were interesting
    Thanks @PapyrusTheGuru for the nudges.

    User1->User2: They both share the same way to get in
    For people on the root part, you just need to look at the other files too in the home.

    PM if you need help

  • And rooted. The foothold was one of the trickiest parts. I was so confused when I couldn't find the directory until I realized that capitalization is important.
    Thanks to @ChefByzen for the awesome box

    kneedeep

    Reality is often disappointing.

  • Rooted machine !

    I liked a lot this machine. For the users part it was very easy but the root part very difficult to find what ti is juice. I appreciate who nudge me to root, address me where to look in.

  • can't figure out the right binary for root!
    a little help guyz

  • just rooted this box, but the way I rooted it was more of guess work, does anyone care to PM me about how you got to know about this exploit. And someone in the discussion said that there are more than one way to get to root, anyone wants to discuss about it?

  • hey everyone ! I've been stuck on root for a long time and clues here don't really help me... Tried a bunch of stuff, enumerated a lot but I'm clearly missing something (but I'm a beginner)...

  • @Slowtech said:

    > hey everyone ! I've been stuck on root for a long time and clues here don't really help me... Tried a bunch of stuff, enumerated a lot but I'm clearly missing something (but I'm a beginner)...

    When you enumerate, look at all the files you can find which would normally come up on an enum search. Check them out and see if any can be exploited. There is a good blog post on how to use it.

    TazWake


  • edited September 2020

    Rooted,
    Fun box :) - awesome work @ChefByzen
    Thank you @TazWake for the initial nudge :)

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • Rooted !
    Thanks @TazWake and @ChefByzen for the nudge, I totally missed the file, thinking it was not supposed to be here...
    Really fun box, learned a lot on this one

  • Wonderful machine! Thanks @ChefByzen. Root was fantastic - I'm happy that I could study (and exploit) that vulnerability.

    OSCP | RHCE | CKA

  • Very Interesting and fun box .. First box on HTB that I did in one day :smiley:

    Initial Foothold:

    • Look through the website properly you will find clues

    User 1:

    • Result of initial foothold is sufficient enough to get you this user

    User 2:

    • Dig through all the files and you will find interesting stuff

    User 3:

    • It's just a call away..Keep your brain's window wide open

    Root:

    • So far the only trickiest thing in the whole box .. follow previous hints "Stay Home" the passage to other world goes underground.

    DM me for nudges . Lovely box

  • got both users fast but stuck on root for several days... can't find anything interesting in home directory :( my thoughts were that I can do something with .X**** file but I still can't find decision. can anyone help me please to take me in right way? PM or here.
    thank you! :)

    he110w0r1d

  • @he110w0r1d said:

    > got both users fast but stuck on root for several days... can't find anything interesting in home directory :( my thoughts were that I can do something with .X**** file but I still can't find decision. can anyone help me please to take me in right way? PM or here.
    > thank you! :)

    The best non-spoiler I can come up with is:

    https://forum.hackthebox.eu/discussion/comment/83584/#Comment_83584

    TazWake


  • @TazWake said:

    > @he110w0r1d said:
    >
    > > got both users fast but stuck on root for several days... can't find anything interesting in home directory :( my thoughts were that I can do something with .X**** file but I still can't find decision. can anyone help me please to take me in right way? PM or here.
    > > thank you! :)
    >
    > The best non-spoiler I can come up with is:
    >
    > https://forum.hackthebox.eu/discussion/comment/83584/#Comment_83584

    Thank you, @TazWake ! Checked everything again line by line and found a solution.
    Nice and funny machine.

    he110w0r1d

  • edited September 2020

    DONE! What a box!

    [email protected]:~# pwd && id
    /root
    uid=0(root) gid=0(root) groups=0(root)

    Hack The Box
    CISSP | eJPT

  • edited September 2020

    To those who are stuck on root - you can be sure you're on the right way staying home, and also don't forget to watch for processes run by root. I hope it's not much of a spoiler. If you cannot find any interesting file inside home, read all the files again and again, you'll finally get what you need. pspy might help you connect some dots together, and direct you to the correct path. And the last - always take it easy, don't get frustrated.

    Have fun from process, not result.
