Official Coder Discussion

myshell · April 3, 2023, 1:31pm

I’m stuck with this otp… which app should I use to import the backup?

M4TRIXH4CK3R · April 3, 2023, 2:55pm

Anyone will please help me regarding file reverse. Got some error while running reverse code.

myshell · April 3, 2023, 2:59pm

Uncipher code is very similar to cipher code, you only need to replace the Encryptor by a Decryptor, change the mode for the files and swap the read and write operations. The “hard” part is to find the initial value for the random. UPDATE: If the key is invalid, the uncipher will fail, maybe it’s the errors you have.

RudeusGreyrat · April 3, 2023, 5:13pm

I am also stuck on the otp. I am not sure if we are supposed to bypass it using a web vuln or use the info we found before to legitimately find a code. The second option seem complicated (a lot of crypto )

d3midr01 · April 3, 2023, 5:21pm

ffuf + 2fa.req

gio_da_sicilia · April 3, 2023, 5:42pm

Sometimes OTP does’t need.
Go to the easy way.
Use KeePass

lim8en1 · April 3, 2023, 6:11pm

try file <decrypted.file> on your linux box
It should be some well-known type of file

crash2overload · April 3, 2023, 7:02pm

Anybody here already got System? Hanging in the air with this. On User I might can give some hints

chappy · April 3, 2023, 7:13pm

do I need to decrypt Authenticator backup codes
or 6-digit wfuzz

M4TRIXH4CK3R · April 3, 2023, 7:16pm

Able to execute commands but not able to get shell as antivirus blocks me. Any hint regarding this?

crash2overload · April 3, 2023, 7:18pm

There are some places in a Windows, where you always can put stuff…I’m pretty sure a cat will find it nice there. And if you call here with a cmd she will call for you

Rezol · April 3, 2023, 8:14pm

It’s not difficult with rockyou, but you will spend time researching the authentificator source code.

chappy · April 3, 2023, 8:35pm

i don’t search for authentificator source code
i’m searching for decrypting
info from the keypass .kdbx ==> note { ***:{encrypted:true, “hash”:"61}

crash2overload · April 3, 2023, 8:39pm

nothing of this…

chappy · April 3, 2023, 8:53pm

thank’s
i’m using ffuf -request -http2
but it don’t find the six digits pass

lim8en1 · April 3, 2023, 11:28pm

Finally rooted that box, a big thanks to @PinkIsntWell, @evilByt3, and Xsploit2 (aka SomeOneGood) for helping me out. The box is very nice, for PE it is hard to find the right tools but once you find them the way is pretty straightforward. User is long & hard with a lot of problems to solve.
Overall it was a valuable learning experience
And another hint for the root: check your groups - that is the way.

wwb167 · April 4, 2023, 1:37am

any luck? i crunched all combinations of 6 digits, and used ffuf for the bruteforcing, but can’t find the right one.

Edit: don’t worry, eventually got it, all headers need to be included, can dump the req from burp then pass to ffuf

chappy · April 4, 2023, 3:44am

Someone receives this message
Cleanup in Progress - Teamcity
When he fuzz on 6 Digit Code

Volen · April 4, 2023, 6:58am

Pass the 2FA, but stuck on teamcity.
Maybe need Higher Permission?

d3midr01 · April 4, 2023, 7:27am

You already have the permission you need.