Official Passage Discussion

When I try to change the user must be run from a terminal ,i dont know how to resolve this problem

Type your comment> @dulcea said:

When I try to change the usermust be run from a terminal,i dont know how to resolve this problem

Turn your connection into something recognised as a terminal. Look at “shell upgrades” on google.

Type your comment> @TazWake said:

Type your comment> @dulcea said:

When I try to change the usermust be run from a terminal,i dont know how to resolve this problem

Turn your connection into something recognised as a terminal. Look at “shell upgrades” on google.

thanks very much !!! I get users,it’s really usful

Rooted!
I don’t know if I was lucky this time or this box was actually easy! :smiley:

Hi all, I cannot spawn a good tty shell. I am using 48*, I get the netcat, but when I try to spawn a real tty, it freezes (I have to close the terminal because I can no longer use it).

I use the
python3 -c ‘import pty;pty.spawn(“/bin/bash”);’
then ctrl+z
then
export SHELL=bash
export TERM=xterm256-color
stty rows 37 columns 114
reset

what do I do wrong?

Type your comment> @tomski said:

Hi all, I cannot spawn a good tty shell. I am using 48*, I get the netcat, but when I try to spawn a real tty, it freezes (I have to close the terminal because I can no longer use it).

I use the
python3 -c ‘import pty;pty.spawn(“/bin/bash”);’
then ctrl+z
then
export SHELL=bash
export TERM=xterm256-color
stty rows 37 columns 114
reset

what do I do wrong?

It doesn’t always work. sometimes you have to just use the shell you’ve got.

The only shell upgrade step I used on this box was python -c 'import pty;pty.spawn("/bin/bash")'

just rooted, but only because of luck

i commented yesterday said that i pieced little stuff together and that i can’t wait to implement getting root today, turned out after another 12hrs of parsing ps output and reading docs, it’s a dead end (?)
then i came here collect hints wishing they would help which is another mistake, soon i find myself not thinking how a function work but is its name start with letter n or whatever, then i start to hate myself
finally i give up and go no brainer google every bus name with the word “vuln” appended

now im sitting here not as proud as i expected, i thought im gonna be “My first box! PM for nudges! ;D” but eh i still feel useless edit: also a bit foggy as i encounter so much terms while bumping around, would be happy if i truely made sense of them all, but im afraid i just developed a sys of rediculous theories hehe

hi everyone! need some hint on user2 here…

@w41l3r said:

hi everyone! need some hint on user2 here…

Enumeration. Look where you landed.

that said will check out pm, if you think i can help why not : >

also yeah today i pasted some mysterious command into search box “what does this script do in the context of authentication?” “it’s terminal color code”
i still can’t get over it

Finally rooted:) My hints below :smile:

-Foothold : very easy, don’t pay attention to what may stop you and enumerate by hand

-User1 : If you got foothold, this part would be also easy : try to crack something.

-User2 : Enumerate all files in user1 directory.

-Root : As others says, take the bus to catch the root flag (but look into your home directory).

got the root flag…

foothold-> to get root need some google enumeration the path is straight forward as you did for older version.
ping me if you need help

Rooted!

This was an interesting machine! Probably the foothold is the easiest of all but still the machine is not that hard. Here my hints:

  • Initial Foothold: Basic Enumeration is your friend. Do not try to bruteforce.
  • User 1: check on how the framwork works and you’ll get what you need
  • User 2: find whatever these users are sharing between them
  • Root: Basic system enumeration will tell you what to do

Hope this helps!

Type your comment> @maskop9 said:

Initial foothold : Google
User1 : Look around
User2 : Look around
root : Corona time, catch a bus and get back home; don;t come out #staysafe

I know this is months late but I am just getting to this box. thank you. I hate looking for hints some times but this box had me really stumped until I read this

nice box,

unfortunately I only got user2 with root
What have I learned?
some users would even share the toothbrush … :smiley:
unbelievable… .

Thx @ChefByzen

hmm, got foothold (nice one)
got user 1, user 2 but can use a hint to get root.
“stay home, public transportation and covid so use a mask” left me clueless :neutral:

bang, hit by a bus, rooted :smiley:

My second box on here. Pretty cool stuff!
I had gotten stuck after foothold for several hours but it seemed that I overlooked some files I found some time earlier so I looked at some hints on here and checked again and voila.
I actually tried the bus thing while I was trying to get user 1, so going back to that, it just took me 2-3 minutes to get root after user 2. And thankfully I didn’t spend a lot of time to get user 2. That was very unexpected indeed.

If anyone is stuck, do what I did and read every comment from page 1. Really good hints in here.

Rooted. Great machine. Thanks @ChefByzen.

Rooted. Some good hints in this forum, but if you’re stuck feel free to DM me with where you’re at and what you’ve tried so far.

Nice box and some neat details… Specially the last user’s name :slight_smile: