Questions

I apologize if I’m posting this in the wrong location. The passwd file on the Metasploitable VM in CTF has been stripped of all permissions even for the root user. I’m not sure if this was intentional but I wanted to notify someone because it’s not accessible at the moment.

metasploit is your friend. look for vulnerable services and their corresponding modules, the metasploitable line of VMs can be rooted with metasploit alone in my experience (versions 1 and 2)
just be sure to set up port forwarding.