I am trying to get the user flag on Markup. The premise is, you do an XXE and get the contents of the id_rsa file. In the walkthrough the response came back in BurpSuite; for me, for some reason, it didn’t.
Instead I got the file contents in a popup window on the website itself, that usually notifies the user that their order is successful.
I got my SSH key in the same popup window and pasted it into a new file, titled id_rsa. Then I followed the walkthrough, ran the chmod and tried to ssh with the private key (commands, copied verbatim from the tutorial):
My question is, what is the valid format here? I seem to have mine in the following:
-----BEGIN OPENSSH PRIVATE KEY-----
<36 lines of the key itself, ending with '=='>
-----END OPENSSH PRIVATE KEY-----
I tried generating my own id_rsa to see if the format differs anyhow. It didn’t really, except that there were around 50 lines in the file in total and instead of “OPENSSH” it had “RSA”, which I have tried changing in the key I copied to no avail.
Should there be a new line anywhere? This is definitely the key, why is SSH unhappy?
This command will generate an id_rsa.conv and the generated file will already have the correct permissions (chmod 600). Ssh-ing with id_rsa.conv got me into Daniel’s desktop.
I don’t know if it’s a combination of things I’ve done previously, but id_rsa was a freshly copied and pasted key into a new file, I’ve nuked all my previous attempts and started over. I’ve also noticed that previously the very same command didn’t work, so it must be the fact it’s a new file.
Glad you got to the bottom of it and thanks for posting your solution for others (sorry I couldn’t help, Linux and SSH keys are not my strong suit lol). Too many people just say “nvm I fixed it” and don’t explain what they did for other people with the same issue.
No worries, thank you for posting! I realise this is a very niche problem, but this is the beauty of the forums - there is a very high chance that someone might have struggled with the exact same issue. And if I am the only one - may as well fill this gap and ease the unnecessary struggles for others.
Here is a little addition that has just occurred to me today, to address the problem of copying and pasting from the popup window on the website. I have watched John Hammond’s YouTube video on BurpSuite and have noticed the walkthrough seems to completely glance past it, but the missing steps to get the response and the request appearing side-by-side in BurpSuite are:
Right click on the Intercept form and select “Send to Repeater”.
Click the Repeater tab and you will be able to re-use the same request multiple times instead of intercepting and tweaking a new one every time.
The screenshots on the walkthrough just seem to have the top tabs trimmed off, assuming that it’s common knowledge, but for a BurpSuite newbie they’re still important little details.
@ffolstag Welcome to the forums! I was not aware of the -v flag’s existence in ssh! Thank you for bringing it to my attention. I am also constantly seeking to add new things to my configs! This one will definitely be exciting to try out.
Hello, I’m a noob and I’m hitting a wall here on the ssh. I copied the OpenSSH private key I got from Burp and ran “chmod 600 id_rsa”. I ran the command “ssh -i id_rsa email@example.com” and I still keep getting Load key “id_rsa”: invalid format. I followed all the instructions on here, even restarting the machine, to no luck.
When I run puttygen I get this:
puttygen: unable to load file `id_rsa’: not a recognised key file format
I wish I could hug you. I’ve been stuck on this for DAYS trying to figure out how to move forward. THANK YOU so much for going out of your way to post your process and solutions. I tried each of these (except the last one THAT WORKED) before I started searching for others who ran into this issue. The solution that worked for you, worked for me. Thank you again for your genius.
Thanks @tasidonya for the help! Even though I solved it, I found an easier way. No need to download puttygen and make an id_rsa.conv file. I tested it myself and no Load key “id_rsa”: invalid format popped up. Without giving much away, look over the Readable Private Keys section. Hope this helps someone!
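An added example, not part of any post in this thread or of the walkthrough: a Python check for the kinds of damage a copy-paste from a web popup can do to an OpenSSH private key file, including the “OPENSSH” to “RSA” header rename tried in the first post. The list of defects it looks for and all function names are assumptions made for illustration, not the cause identified in the thread, and the sample is constructed filler, not a real key.

```python
import base64
import re

MAGIC = b"openssh-key-v1\x00"  # AUTH_MAGIC that starts every new-format OpenSSH key blob
ARMOR = re.compile(r"-----BEGIN (\w+) PRIVATE KEY-----(.*?)-----END (\w+) PRIVATE KEY-----", re.S)

def _parse(raw: bytes):
    """Return (begin_label, end_label, base64_body) or None if the armor is damaged."""
    m = ARMOR.search(raw.decode("ascii", errors="replace"))
    return (m.group(1), m.group(3), "".join(m.group(2).split())) if m else None

def check_pasted_key(raw: bytes) -> list:
    """List the formatting problems found in a pasted private key file."""
    problems = []
    if b"\r" in raw:
        problems.append("CRLF line endings")
    if not raw.endswith(b"\n"):
        problems.append("no newline after END line")
    parsed = _parse(raw)
    if parsed is None:
        return problems + ["armor lines missing or damaged"]
    begin, end, b64 = parsed
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return problems + ["body is not valid base64"]
    if begin != end:
        problems.append("BEGIN and END labels differ")
    if blob.startswith(MAGIC) and begin != "OPENSSH":
        # Renaming the header does not convert the payload to another format.
        problems.append("openssh-key-v1 payload under a %s label" % begin)
    if begin == "OPENSSH" and not blob.startswith(MAGIC):
        problems.append("OPENSSH label without openssh-key-v1 payload")
    return problems

def normalize(raw: bytes) -> bytes:
    """Rebuild the file: LF endings, 70-column body, newline after END."""
    parsed = _parse(raw)
    if parsed is None:
        raise ValueError("no private key armor found")
    label, _, b64 = parsed
    base64.b64decode(b64, validate=True)  # refuse to rewrite a damaged body
    body = [b64[i:i + 70] for i in range(0, len(b64), 70)]
    lines = ["-----BEGIN %s PRIVATE KEY-----" % label, *body, "-----END %s PRIVATE KEY-----" % label]
    return ("\n".join(lines) + "\n").encode("ascii")

# Constructed sample, not a real key: the magic plus filler bytes, pasted with CRLF and no final newline.
_B64 = base64.b64encode(MAGIC + bytes(range(120))).decode()
SAMPLE = ("-----BEGIN OPENSSH PRIVATE KEY-----\r\n" + _B64 + "\r\n-----END OPENSSH PRIVATE KEY-----").encode()
```

Run `check_pasted_key()` on the bytes of the pasted file before handing it to ssh; `normalize()` only repairs whitespace and line endings and cannot recover characters lost in the paste.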