I’ve managed to get myself completely stuck on the last part of the Privilege Escalation in the HTB Academy.
All signs point towards getting hold of the users id_rsa, copy and chmod, and then ssh in with the copied credentials. However when I do this I’m asked for a password and that’s as far as I can get.
I did notice something though, when I was doing a very similar task on TryHackMe, I copied over the contents of the id_rsa, and pasted them into a blank document via the file manager. When I saved the file, the icon changed to a key (which says to me that linux has recognised it as an ssh key), but when I do the same procedure in the HTB instance, it stays as a generic text file, suggesting that it’s not recognised as a key, and that would be why the password is still asked for.
I have absolutely no idea how to get round this issue, so any help would be appreciated!
After banging my head against a wall for weeks, I was watching one of John Hammond’s videos, and he made a point of mentioning that when copying id_rsa keys, you need to make sure that there is a blank line at the bottom, underneath where it says “End of Key”.
Thank you for this post MetalMonkey667. I’ve spent days trying to get past this. I’ve copied the id_rsa file to both nano and vim, and added and extra line at the end. In each case, when I try to ssh to user2 using the file, I get the error:
Load key “id_rsa”: invalid format
If I do anything else (eg pre adding the extra line), I get asked for a password for user2, which of course I don’t have.
It sounds so straightforward, but is there a specific way to add the extra line in vim so I don’t get the format error please?
I get the error message Load key “id_rsa”: invalid format when trying to connect to root with ssh user@spawn -i id_rsa.
I have tried to copy the private key content on a new files in my local machine using both vim and nano and same results.
Is anyone have an idea of why I get that result?
Hello, after several hours trying the same thing I ended up giving up because despite the help on the forums I can not connect as root with the ssh key, I am always asked for a password that I am obviously not, I followed to the letter all the comments on the forums nothing works would someone be in the same case as me please? sorry for my English is Google Translate
EXERCISE NOTES: Prompt 1:SSH into the server above with the provided credentials, and use the ‘-p xxxxxx’ to specify the port shown above. Once you login, try to find a way to move to ‘user2’, to get the flag in ‘/home/user2/flag.txt’.
ssh [given user]@[given ip] -p [given port number of target IP]
sudo -l
sudo -su user2
cd ~
ls
cat flag.txt
Prompt 2:Once you gain access to ‘user2’, try to find a way to escalate your privileges to root, to get the flag in ‘/root/flag.txt’.
whoami
cat /root/.ssh/id_rsa
copy results
cd ~
On a new cmd console (not within user2 of target ip but a cmd on the hackthebox user home) :
vim id_rsa
paste contents into id_rsa
Note: You can delete lines with the shift + v for visual mode (should not need to complete exercise). Source: [How can I delete multiple lines in vi? - Stack Overflow]
(How can I delete multiple lines in vi? - Stack Overflow)