Official Passage Discussion

Type your comment> @tomski said:

Hi all, I cannot spawn a good tty shell. I am using 48*, I get the netcat, but when I try to spawn a real tty, it freezes (I have to close the terminal because I can no longer use it).

I use the
python3 -c ‘import pty;pty.spawn(“/bin/bash”);’
then ctrl+z
then
export SHELL=bash
export TERM=xterm256-color
stty rows 37 columns 114
reset

what do I do wrong?

It doesn’t always work. sometimes you have to just use the shell you’ve got.

The only shell upgrade step I used on this box was python -c 'import pty;pty.spawn("/bin/bash")'

just rooted, but only because of luck

i commented yesterday said that i pieced little stuff together and that i can’t wait to implement getting root today, turned out after another 12hrs of parsing ps output and reading docs, it’s a dead end (?)
then i came here collect hints wishing they would help which is another mistake, soon i find myself not thinking how a function work but is its name start with letter n or whatever, then i start to hate myself
finally i give up and go no brainer google every bus name with the word “vuln” appended

now im sitting here not as proud as i expected, i thought im gonna be “My first box! PM for nudges! ;D” but eh i still feel useless edit: also a bit foggy as i encounter so much terms while bumping around, would be happy if i truely made sense of them all, but im afraid i just developed a sys of rediculous theories hehe

hi everyone! need some hint on user2 here…

@w41l3r said:

hi everyone! need some hint on user2 here…

Enumeration. Look where you landed.

that said will check out pm, if you think i can help why not : >

also yeah today i pasted some mysterious command into search box “what does this script do in the context of authentication?” “it’s terminal color code”
i still can’t get over it

Finally rooted:) My hints below :smile:

-Foothold : very easy, don’t pay attention to what may stop you and enumerate by hand

-User1 : If you got foothold, this part would be also easy : try to crack something.

-User2 : Enumerate all files in user1 directory.

-Root : As others says, take the bus to catch the root flag (but look into your home directory).

got the root flag…

foothold-> to get root need some google enumeration the path is straight forward as you did for older version.
ping me if you need help

Rooted!

This was an interesting machine! Probably the foothold is the easiest of all but still the machine is not that hard. Here my hints:

  • Initial Foothold: Basic Enumeration is your friend. Do not try to bruteforce.
  • User 1: check on how the framwork works and you’ll get what you need
  • User 2: find whatever these users are sharing between them
  • Root: Basic system enumeration will tell you what to do

Hope this helps!

Type your comment> @maskop9 said:

Initial foothold : Google
User1 : Look around
User2 : Look around
root : Corona time, catch a bus and get back home; don;t come out #staysafe

I know this is months late but I am just getting to this box. thank you. I hate looking for hints some times but this box had me really stumped until I read this

nice box,

unfortunately I only got user2 with root
What have I learned?
some users would even share the toothbrush … :smiley:
unbelievable… .

Thx @ChefByzen

hmm, got foothold (nice one)
got user 1, user 2 but can use a hint to get root.
“stay home, public transportation and covid so use a mask” left me clueless :neutral:

bang, hit by a bus, rooted :smiley:

My second box on here. Pretty cool stuff!
I had gotten stuck after foothold for several hours but it seemed that I overlooked some files I found some time earlier so I looked at some hints on here and checked again and voila.
I actually tried the bus thing while I was trying to get user 1, so going back to that, it just took me 2-3 minutes to get root after user 2. And thankfully I didn’t spend a lot of time to get user 2. That was very unexpected indeed.

If anyone is stuck, do what I did and read every comment from page 1. Really good hints in here.

Rooted. Great machine. Thanks @ChefByzen.

Rooted. Some good hints in this forum, but if you’re stuck feel free to DM me with where you’re at and what you’ve tried so far.

Nice box and some neat details… Specially the last user’s name :slight_smile:

This was a really nice box ! Thanks @ChefByzen

Preparing for OSCP exam this box was my second active machine here. I’m not coming from IT background but I fairly enjoyed working all the way through to get root. Have learnt heaps Thanks @ChefByzen

Noob here but I’m trying to open the IP address in a web browser and Its just loading forever. Any advice would be great, sorry Im new to this but its an amazing skill to have.

Sorry for the noob question (long time without cracking boxes) Does anyone able to ssh it with user/pass only? Got some passes but cannot ssh’them. Thanks!

@deibit said:

Sorry for the noob question (long time without cracking boxes) Does anyone able to ssh it with user/pass only?

I dont think so. I think it is key based auth only.

Got some passes but cannot ssh’them. Thanks!

If they are useful, there might be other things you can do.