MISC fs0ciety hint needed

Hi there HTBers,
I would like a hint on fs0ciety. I know total newb on this, but this is what I tried/have done.

  1. Downloaded zip folder
  2. Password cracked the zip folder
  3. Got a .txt doc and opened it
  4. Read the message inside
  5. Tried inputting different info from the .txt into the HTB{} submit box
  6. Keep getting incorrect flag

Thanks for any and all help/direction/kick in the @$$/put me in time out/shake me by the shoulders/slap me silly/throw cold water on me hints you guys can provide!

Have a good one!
skooldog

Comments

  • read pdf carefully ......dont ignore any kind of ---(dashes) and .(dot) even .... ;)

    Agent22

  • Thanks Agent22!
    I believe that hint may be part of the other MISC challenge Old is Gold. But, I could be wrong. Please feel free to give me a head slap if I am incorrect.

  • @skooldog said:
    Thanks Agent22!
    I believe that hint may be part of the other MISC challenge Old is Gold. But, I could be wrong. Please feel free to give me a head slap if I am incorrect.

    sorry .....u r ryt ....i m bit mess with both misc challl..... hheheh ;)

    Agent22

  • Is an ssh key, it means that it's encrypted, so you have to decrypt it to get the pass

    Puerkito66

  • Thanks puerkito66. Do you or anyone else have any resources that I could reference to help with the decryption. I have googled quite a bit on this topic and have tried using online tools and cli tools like openssl, but no progress. How can I tell what kind of encryption it is using? Not even sure where to start with this...

    Here is a portion of the string in the text file:

    MDExMDEwMDEgMDExMDAxMTAgMDEwMTExMTEgMDExMTEwMDEgMDAx

    It states that this is "Encrypted SSH credentials to access..."

    Please let me know if I have given too much information.

    Thanks again to any and all that can help guide me in this challenge :-)

  • @skooldog said:
    Thanks puerkito66. Do you or anyone else have any resources that I could reference to help with the decryption. I have googled quite a bit on this topic and have tried using online tools and cli tools like openssl, but no progress. How can I tell what kind of encryption it is using? Not even sure where to start with this...

    Here is a portion of the string in the text file:

    MDExMDEwMDEgMDExMDAxMTAgMDEwMTExMTEgMDExMTEwMDEgMDAx

    It states that this is "Encrypted SSH credentials to access..."

    Please let me know if I have given too much information.

    Thanks again to any and all that can help guide me in this challenge :-)

    u r very close ...only 2 steps remain...... this is encrypted text ....try to figure out encryption algo ...

    Agent22

  • Thanks Agent22!!! You RROOOOOCCCCKKKKKKKK!!!!!!!! Have an awesome day :-)

    Your friend,

    Skooldog

  • For those coming along and seeing this for help, when you get the information from the .txt document.

    Big hint on the decrypt process, the string has nothing to do with SSH keys or SSH encryption. This is a rabbit hole I went down pretty far :-)

    Decode the string inside the .txt (common encrytion algo)-> then take this info and convert it into its final password for the challenge.

    Hope this helps people and a big thank you again to both Agent22 and puerkito66 for their help!!! You guys make this community better.

    Have a good one everyone!!!
    skooldog

  • how do you decrypt, with openssl?

  • @MrRaid9 said:
    how do you decrypt, with openssl?

    first figured out which cipher is used ..... learn some basic algo ....u ll find answer

    Agent22

  • Hi there MrRaid9,

    You are following the same path I did, thinking about it in just SSH encryption.

    Agent22 is correct and we should follow his advice.

    Here is an article I found that can help, look especially at the encoding section ;-)

    https://danielmiessler.com/study/encoding-encryption-hashing-obfuscation/

    Also, reread my hints from above.

    Hope this helps my friend!

    skooldog

  • edited November 2017

    bad magic number? i'll still research on decoding txt, but keep hitting a brickwall

  • edited November 2017

    took a while but i got it lol damn, how do i summit or im not done yet ? lol
    --updated--
    nvm got it, thanks for the info!!

  • I'm still stuck on this one. I've done alot of manipulation to the string in a few formats. Done freqency analyis on the 4 char sets and the 8 chars but I think I might be looking in the wrong direction given what others are saying.

    Any hints?

  • @smpoile said:
    I'm still stuck on this one. I've done alot of manipulation to the string in a few formats. Done freqency analyis on the 4 char sets and the 8 chars but I think I might be looking in the wrong direction given what others are saying.

    Any hints?

    It is very easy, when you have translated the primal types of languajes used by computers, you will recognize that pattern every time you see it, I promise you!

  • Lol got it... I was looking deeper. Sneaky though.

  • It is very easy, when you have translated the primal types of languajes used by computers, you will recognize that pattern every time you see it, I promise you!

    That's where I'm stuck. Keep staring at the digits, no divide message yet.

  • This is really confusing because I am getting a message from a conversion but that's exactly what's not cooking ;-)

    Any tips are extremely welcome.

  • @Wolfstorm your not smelling it!

    Magavolt

  • i'm looking into the hexdump of the encrypted ssh creds file but not coming up with anything solid?
    any suggestion will be of great help

  • What to do with binaries?

  • edited June 2018

    Opps..I need to read more.

  • @K43P said:
    What to do with binaries?

    ur question - is your answer ;)

  • edited October 2018

    I got the code but i cant submit it :anguished: Help me please

    LOOOL i put double dots by mistake

  • edited November 2018

    first to change base64 code then you get the binary code. and then binary to ascii. easy

  • My fastest challenge yet, very fun though, felt rewarding and easy 30 points!

  • edited February 5

    @ppaecity said:
    first to change base64 code then you get the binary code. and then binary to ascii. easy

    Okay, something is not right, I did that, I have the ASCII, I can read it. I added it to the HTB{} but it is not working :/
    Edit: Ignore this, something was strange, I refreshed and it worked

  • Type your comment> @Agent22 said:

    u r very close ...only 2 steps remain...... this is encrypted text ....try to figure out encryption algo ...

    it is not encrypted , it is encoded. there is a difference.

    Regards,
    qmi

  • @skooldog said:
    It states that this is "Encrypted SSH credentials to access..."

    in fact, that is misleading. it is encoded only. that is why i don't like this challenge.

    the original challenge description says, 'Can you crack the 'ZIP' folder and get the SSH password?'

    Regards,
    qmi

Sign In to comment.