MISC fs0ciety hint needed

skooldog · November 4, 2017, 2:13pm

Hi there HTBers,
I would like a hint on fs0ciety. I know total newb on this, but this is what I tried/have done.

Downloaded zip folder
Password cracked the zip folder
Got a .txt doc and opened it
Read the message inside
Tried inputting different info from the .txt into the HTB{} submit box
Keep getting incorrect flag

Thanks for any and all help/direction/kick in the @$$/put me in time out/shake me by the shoulders/slap me silly/throw cold water on me hints you guys can provide!

Have a good one!
skooldog

Agent22 · November 4, 2017, 2:21pm

read pdf carefully …dont ignore any kind of —(dashes) and .(dot) even …

skooldog · November 4, 2017, 2:27pm

Thanks Agent22!
I believe that hint may be part of the other MISC challenge Old is Gold. But, I could be wrong. Please feel free to give me a head slap if I am incorrect.

Agent22 · November 4, 2017, 4:33pm

@skooldog said:
Thanks Agent22!
I believe that hint may be part of the other MISC challenge Old is Gold. But, I could be wrong. Please feel free to give me a head slap if I am incorrect.

sorry …u r ryt …i m bit mess with both misc challl… hheheh

puerkito66 · November 4, 2017, 10:41pm

Is an ssh key, it means that it’s encrypted, so you have to decrypt it to get the pass

skooldog · November 5, 2017, 1:23am

Thanks puerkito66. Do you or anyone else have any resources that I could reference to help with the decryption. I have googled quite a bit on this topic and have tried using online tools and cli tools like openssl, but no progress. How can I tell what kind of encryption it is using? Not even sure where to start with this…

Here is a portion of the string in the text file:

MDExMDEwMDEgMDExMDAxMTAgMDEwMTExMTEgMDExMTEwMDEgMDAx

It states that this is “Encrypted SSH credentials to access…”

Please let me know if I have given too much information.

Thanks again to any and all that can help guide me in this challenge

Agent22 · November 5, 2017, 2:36pm

@skooldog said:
Thanks puerkito66. Do you or anyone else have any resources that I could reference to help with the decryption. I have googled quite a bit on this topic and have tried using online tools and cli tools like openssl, but no progress. How can I tell what kind of encryption it is using? Not even sure where to start with this…

Here is a portion of the string in the text file:

MDExMDEwMDEgMDExMDAxMTAgMDEwMTExMTEgMDExMTEwMDEgMDAx

It states that this is “Encrypted SSH credentials to access…”

Please let me know if I have given too much information.

Thanks again to any and all that can help guide me in this challenge

u r very close …only 2 steps remain… this is encrypted text …try to figure out encryption algo …

skooldog · November 5, 2017, 2:42pm

Thanks Agent22!!! You RROOOOOCCCCKKKKKKKK!!! Have an awesome day

Your friend,

Skooldog

skooldog · November 5, 2017, 3:57pm

For those coming along and seeing this for help, when you get the information from the .txt document.

Big hint on the decrypt process, the string has nothing to do with SSH keys or SSH encryption. This is a rabbit hole I went down pretty far

Decode the string inside the .txt (common encrytion algo)-> then take this info and convert it into its final password for the challenge.

Hope this helps people and a big thank you again to both Agent22 and puerkito66 for their help!!! You guys make this community better.

Have a good one everyone!!!
skooldog

MrRaid9 · November 19, 2017, 7:27am

how do you decrypt, with openssl?

Agent22 · November 19, 2017, 7:42am

@MrRaid9 said:
how do you decrypt, with openssl?

first figured out which cipher is used … learn some basic algo …u ll find answer

skooldog · November 19, 2017, 12:31pm

Hi there MrRaid9,

You are following the same path I did, thinking about it in just SSH encryption.

Agent22 is correct and we should follow his advice.

Here is an article I found that can help, look especially at the encoding section

Also, reread my hints from above.

Hope this helps my friend!

skooldog

MrRaid9 · November 20, 2017, 1:47am

bad magic number? i’ll still research on decoding txt, but keep hitting a brickwall

MrRaid9 · November 20, 2017, 5:01am

took a while but i got it lol ■■■■, how do i summit or im not done yet ? lol
–updated–
nvm got it, thanks for the info!!

smpoile · December 9, 2017, 8:07pm

I’m still stuck on this one. I’ve done alot of manipulation to the string in a few formats. Done freqency analyis on the 4 char sets and the 8 chars but I think I might be looking in the wrong direction given what others are saying.

Any hints?

Ic32K · December 10, 2017, 3:01pm

@smpoile said:
I’m still stuck on this one. I’ve done alot of manipulation to the string in a few formats. Done freqency analyis on the 4 char sets and the 8 chars but I think I might be looking in the wrong direction given what others are saying.

Any hints?

It is very easy, when you have translated the primal types of languajes used by computers, you will recognize that pattern every time you see it, I promise you!

smpoile · December 10, 2017, 4:08pm

Lol got it… I was looking deeper. Sneaky though.

gaulasterix · February 6, 2018, 8:50pm

It is very easy, when you have translated the primal types of languajes used by computers, you will recognize that pattern every time you see it, I promise you!

That’s where I’m stuck. Keep staring at the digits, no divide message yet.

Wolfstorm · February 27, 2018, 4:20pm

This is really confusing because I am getting a message from a conversion but that’s exactly what’s not cooking

Any tips are extremely welcome.

Magavolt · February 28, 2018, 4:17am

@Wolfstorm your not smelling it!