Official Passage Discussion

Just rooted Passage, nice machine! I really enjoyed this one. Many thanks, @ChefByzen for creating this machine. For every part from the user to root, please read every file carefully!

If you’ve been stuck an need a nudge, please DM

Rooted. Message for help

any nudge for user1? , i have like 5 hashes i cant crack any of them

UPDATE: gotcha

i am in p*ul directory but when i try to pass the user.txt (flag for user) htb says incorrect flag…?anyone know why this happening

@xenofon said:
i am in p*ul directory but when i try to pass the user.txt (flag for user) htb says incorrect flag…?anyone know why this happening

ok its done ,sorry

any nudge for root?

0wned

for rooting there are multiple boxes that you can do the technique i used,just remember to enumerate maybe are hidden files…and spy

Rooted, the hardest part for me was getting the first user after the foothold. After that it went really quick. I feel like I just had some lucky intuition today though. Very fun box.

Type your comment> @ml19 said:

Initial foothold took me longer than it should have taken, simply following the information given.
User1, was on right piece but ignored it first
User2, facepalm
root, once knowing where to look for, easy to find the right way

i felt the facepalm thing

Thanks for this nice box, it was straightforward except for root.

I think exploiting the vuln described in the blog post would be more interesting if applied to a different case. I mean a case for which you can’t just copy paste what’s on the blog. Would be a harder box though.

Would be nice if you guys can DM the way you “weaponized” the vuln for root, I am interested in ways different than what I did.

Got root with a little nudge from @TazWake.

This is a very nice machine imho. Also here are very good hints, so no need for me to say anything.

Feel free to message me if you want a little nudge.

Finally root!! great box! thank you @ChefByzen took me tons of hours on this one :smiley:

root@passage:~# hostname && id
passage
uid=0(root) gid=0(root) groups=0(root)

Initial= zoom in then google. :wink:
User1 = find that user!
User2 = you shouldn’t be sharing this
Root = know your rights and remember, there’s no place like home.

I’d like to thank my wife for the motivational death stares. Time to sleep! :smiley:

Type your comment> @bigoteman said:

I’d like to thank my wife for the motivational death stares. Time to sleep! :smiley:

It’s beautiful. :heart:

Just rooted this box! It’s rated as a medium, but I quickly got the foothold and first user so I thought it was just an easy.

At that point, my enumeration and my instincts told me I need to pivot to another user that I found to get to root. That pivot slowed me down and then a good hint helped me get to user 2. I’m ashamed I overlooked that. SMH.

From there, the escalation to root is what made this box a medium.

DM if you need a nudge.

Anyone else have problems submitting flags for this box? Mine aren’t being accepted…

@thehandy said:

Anyone else have problems submitting flags for this box? Mine aren’t being accepted…

This might help: Cache - #466 by TazWake - Machines - Hack The Box :: Forums

Got it rooted, thanks!

Rooted!! Had some great nudges for user. After that it was basic enumeration.

I am taking my OSCP next Friday and I can say that this machine embodies so much of the material that I have learned. In my opinion, this encompasses so much of what you need.

Also, your knowledge of programming and scripting will make this machine a piece of cake. Either that or you will have to do some things manually which will take forever but will still work. This is actually the main reason it is so good for OSCP. PRACTICE YOUR SCRIPTING, PEOPLE

Rooted. If you need some help, DM me.