Official Passage Discussion

16791112

Comments

  • Type your comment> @carbide said:

    To those who stuck on root - you can be sure you're on the right way staying home, and also don't forget to watch for processes running by root. Pspy might help you.

    This is wrong/unintended. Try the same after resetting the machine. You can't see what you saw already in 'ps' and 'pspy' will not connects the dots together. This happens when you doing the machine which is already compromised by someone and left it in broken state. Make sure to reset it and try again. :)

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • edited September 2020

    Type your comment> @gunroot said:

    Type your comment> @carbide said:

    To those who stuck on root - you can be sure you're on the right way staying home, and also don't forget to watch for processes running by root. Pspy might help you.

    You can't see what you saw already in 'ps' and 'pspy' will not connects the dots together.

    Actually I saw that thing everytime I ran pspy, and I ran it many times to be honest, as I spent 1.5 days working on the machine. I was just unable to notice it, or maybe I was, but even the idea of it being the way to go seemed idiotic to me.

    Reading hints here not only doesn't help one, it implicitly makes it even worse for the following reasons: these hints are confusing, non-making any sense, make you question your current direction and, finally, your own skills. There's only one percent of 1% who really bother to provide useful hints and not leave a spoiler (pretty hard) to those who really need help and are stuck, the rest just bother to show everyone they haxed the machine, that they have skills or something like that.

    So, I strongly recommend always follow yours own intuition, and if you need a hint, you can just DM someone and ask them to give you a clear hint, as hints that are meant to be useful and not spoiling at the same time are very confusing, and unlikely are to help.

  • @carbide don't take it deep. I'm also pwned this machine exactly the same way you did. For a clarification, I asked the Machine Creator if this is the way or not. He said that my way is an unintended method. So I again did the root part after resetting in the intended way.

    Moreover, people can't give a direct hint here as it will be flagged as spoiler. All they can do is providing a blurry pointer to us.

    Let's discuss about this one. ;)

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Anyone able to help with root?

  • @wooly13 said:

    Anyone able to help with root?

    Yes

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @wooly13 said:
    > Anyone able to help with root?

    Yes, if you mention where you're stuck.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • rooted finally, very funny box ^_^

  • edited September 2020

    Spoiler Removed

  • @chiefgreek said:

    can see how root is obtained with the command but need user 2 creds even with sudo - been thru the man page

    Then you've got something wrong. You don't need sudo for this.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Just rooted Passage, nice machine! I really enjoyed this one. Many thanks, @ChefByzen for creating this machine. For every part from the user to root, please read every file carefully!

    If you've been stuck an need a nudge, please DM

    t13nn3s
    You can find write-ups and walkthroughs on my personal blog: https://binsec.nl

  • Rooted. Message for help

  • edited October 2020

    any nudge for user1? , i have like 5 hashes i cant crack any of them

    UPDATE: gotcha

  • i am in p*ul directory but when i try to pass the user.txt (flag for user) htb says incorrect flag..?anyone know why this happening

  • @xenofon said:
    i am in p*ul directory but when i try to pass the user.txt (flag for user) htb says incorrect flag..?anyone know why this happening

    ok its done ,sorry

  • any nudge for root?

  • edited October 2020

    for rooting there are multiple boxes that you can do the technique i used,just remember to enumerate maybe are hidden files...and spy

  • Rooted, the hardest part for me was getting the first user after the foothold. After that it went really quick. I feel like I just had some lucky intuition today though. Very fun box.

  • Type your comment> @ml19 said:

    Initial foothold took me longer than it should have taken, simply following the information given.
    User1, was on right piece but ignored it first
    User2, facepalm
    root, once knowing where to look for, easy to find the right way

    i felt the facepalm thing

  • Thanks for this nice box, it was straightforward except for root.

    I think exploiting the vuln described in the blog post would be more interesting if applied to a different case. I mean a case for which you can't just copy paste what's on the blog. Would be a harder box though.

    Would be nice if you guys can DM the way you "weaponized" the vuln for root, I am interested in ways different than what I did.

    FaguoZai

  • Got root with a little nudge from @TazWake.

    This is a very nice machine imho. Also here are very good hints, so no need for me to say anything.

    Feel free to message me if you want a little nudge.

    Hack The Box

  • Finally root!! great box! thank you @ChefByzen took me tons of hours on this one :smiley:

    [email protected]:~# hostname && id
    passage
    uid=0(root) gid=0(root) groups=0(root)

    Initial= zoom in then google. :wink:
    User1 = find that user!
    User2 = you shouldn't be sharing this
    Root = know your rights and remember, there's no place like home.

    I'd like to thank my wife for the motivational death stares. Time to sleep! :smiley:

  • Type your comment> @bigoteman said:

    > I'd like to thank my wife for the motivational death stares. Time to sleep! :smiley:

    It's beautiful. ❤️

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Just rooted this box! It's rated as a medium, but I quickly got the foothold and first user so I thought it was just an easy.

    At that point, my enumeration and my instincts told me I need to pivot to another user that I found to get to root. That pivot slowed me down and then a good hint helped me get to user 2. I'm ashamed I overlooked that. SMH.

    From there, the escalation to root is what made this box a medium.

    DM if you need a nudge.

    zalpha
    OSCP | CISSP | CSSLP

    Respect always welcome if I can help you: https://www.hackthebox.eu/home/users/profile/140630

  • Anyone else have problems submitting flags for this box? Mine aren't being accepted...

  • @thehandy said:

    Anyone else have problems submitting flags for this box? Mine aren't being accepted...

    This might help: https://forum.hackthebox.eu/discussion/comment/83802/#Comment_83802

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Got it rooted, thanks!

  • Rooted!! Had some great nudges for user. After that it was basic enumeration.

    I am taking my OSCP next Friday and I can say that this machine embodies so much of the material that I have learned. In my opinion, this encompasses so much of what you need.

    Also, your knowledge of programming and scripting will make this machine a piece of cake. Either that or you will have to do some things manually which will take forever but will still work. This is actually the main reason it is so good for OSCP. PRACTICE YOUR SCRIPTING, PEOPLE

  • edited November 2020

    Spoiler Removed

Sign In to comment.