Valentine

I just found a file. I don't understand what to do with it. Can you give me a little hint?

@ghroot said:
I just found a file. I don't understand what to do with it. Can you give me a little hint?

Google the file extension. Google the file contents.

Finally got user, if anyone needs a hint you can message me. Next step, root.

@Will9560 said:
Finally got user, if anyone needs a hint you can message me. Next step, root.

Sent you a PM, please give me a hand.

@Will9560 said:
Finally got user, if anyone needs a hint you can message me. Next step, root.

Sent you a PM as well.

@Will9560 said:
So I have the private RSA key, I have an MD5-looking hash that I got from dumping memory, however that doesn’t seem to be the passphrase used to decrypt the RSA key since I get an openssl error. I’ve tried re-dumping the memory a couple of times and I still can’t find anything significant other than the hash. Can anyone help me? Thanks

It's not an md5 value. It's encoded with a different format which is very famous on CTF :wink:

Finally rooted :smiley:

Big thanks to @ArmaTank

@MrDanMan said:

@halfluke said:

@MrDanMan said:
I’m trying to verify the passphrase, which seems to be correct as it doesn’t throw the ‘Bad passphrase’ when I try to ssh-add it… Instead it throws an Error loading key (...): invalid format. Any clues on this?

If you have the right key and the right passphrase, just use it to log in with the correct user. It should work. Not sure what you are ssh-adding it to.

Hmm, interesting, thanks anyway. I was just ssh-adding to see if the passphrase would work, because SSHing was slow and I didn’t feel like waiting.

I got this too… I figured it out pretty quick though… open up your key file in leafpad and add an enter gap between where it says DEK-info and the actual key, it would turn out something like:

-----start key ----
bla bla bla bla
DEK-info:blablablabla

fef87ewt24jf942j04kt0j29285tj092fj40249fj2408h4
----end key----
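The blank-line fix from the post above, as an added example that is not part of the original thread: a small checker that rebuilds a traditional PEM block so its header lines (`Proc-Type`, `DEK-Info`) are followed by the empty line the format expects. The function name `normalize_pem` and the sample key are assumptions constructed for illustration.

```python
import base64
import re

HEADER = re.compile(r"^[A-Za-z][A-Za-z0-9-]*:")  # e.g. Proc-Type:, DEK-Info:
BOUNDARY = re.compile(r"^-----(BEGIN|END) ([A-Z0-9 ]+)-----$")


def normalize_pem(text):
    """Rebuild one traditional PEM block; return (pem_text, fixes_applied)."""
    raw = text.split("\n")
    lines = [ln.strip() for ln in raw]
    fixes = []
    if lines != raw:
        fixes.append("stripped stray whitespace or CR characters")
    starts = [i for i, ln in enumerate(lines) if ln.startswith("-----BEGIN ")]
    ends = [i for i, ln in enumerate(lines) if ln.startswith("-----END ")]
    if len(starts) != 1 or len(ends) != 1 or ends[0] < starts[0]:
        raise ValueError("expected exactly one BEGIN/END pair")
    begin, end = BOUNDARY.match(lines[starts[0]]), BOUNDARY.match(lines[ends[0]])
    if not begin or not end or begin.group(2) != end.group(2):
        raise ValueError("malformed or mismatched BEGIN/END boundary")
    inner = lines[starts[0] + 1:ends[0]]
    headers = []
    while inner and HEADER.match(inner[0]):
        headers.append(inner.pop(0))
    if headers and inner and inner[0] != "":
        fixes.append("inserted blank line between headers and key body")
    body = [ln for ln in inner if ln]
    if not body:
        raise ValueError("empty key body")
    base64.b64decode("".join(body), validate=True)  # raises ValueError if not base64
    out = [lines[starts[0]], *headers, *([""] if headers else []), *body, lines[ends[0]]]
    return "\n".join(out) + "\n", fixes


# Constructed sample (not a real key): headers run straight into the body.
BODY = base64.b64encode(b"constructed sample body, not a real key").decode()
SAMPLE = (
    "-----BEGIN RSA PRIVATE KEY-----\n"
    "Proc-Type: 4,ENCRYPTED\n"
    "DEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF\n"
    + BODY + "\n"
    "-----END RSA PRIVATE KEY-----\n"
)

if __name__ == "__main__":
    fixed, fixes = normalize_pem(SAMPLE)
    print(fixes)
    print(fixed, end="")
```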

Owned the machine. Happy feeling. This gets really easy if you know what you are looking for. Use google to search text and other files. PM if you are stuck.

@metaning said:
Could you give me one more hint about the user of the server?

The beast that loves supreme.

This box is all about enum and public exploits. If you did well in enum, you can easily root this box. PM me if you need more hints.

Could anyone PM me?

I know I have to be special or something. I can see the beginning of the key (—BEING…) but not the rest when converting from the encoding I originally found the key in, to the readable format. What am I missing…

@lahirukkk said:
Finally rooted :smiley:

Big thanks to @ArmaTank

Can you please help me? I have the key, can’t get the passphrase. I ran the exploit, got the memdump & I thought that I had the encoded value but it didn’t work. Thanks to @KouPreY for the nudge

@opanwar said:

@lahirukkk said:
Finally rooted :smiley:

Big thanks to @ArmaTank

Can you please help me? I have the key, can’t get the passphrase. I ran the exploit, got the memdump & I thought that I had the encoded value but it didn’t work.

Nvm, got the user and root. The key is to be persistent with the exploit. It’s like a box of chocolates you gotta keep eating until you’ve tried all that the box has to offer ;).

@jram said:
Could anyone PM me?

I know I have to be special or something. I can see the beginning of the key (—BEING…) but not the rest when converting from the encoding I originally found the key in, to the readable format. What am I missing…

Well I feel silly because I was on the right track and others PMing made me realize that I was using the correct decoding method, the script I was using just wasn’t properly decoding the copied text. Had to modify the text a little.

@lahirukkk said:
Finally rooted :smiley:

Big thanks to @ArmaTank

:slight_smile:

That one was fun.

My main suggestion is this: get root cleanly. No need to be dirty.

PM me for hints.

Getting into it took me 3h+ … priv esc took me … 10sec… lol! :smiley:

I have the password and private key, can't figure out the username. Any hints for the username will be great.