Hawk

@LordeDestro said:
I decrypted drupal.enc.txt and got password and possible user d***el but when i ssh using that its saying permission denied

Read Carefully , What Writes There

@Amzker said:

@LordeDestro said:
I decrypted drupal.enc.txt and got password and possible user d***el but when i ssh using that its saying permission denied

Read Carefully , What Writes There

@Draco123 said:

@LordeDestro said:
I decrypted drupal.enc.txt and got password and possible user d***el but when i ssh using that its saying permission denied

Read the decrypted message. You have a hint as to where can you use that information.

I have access to the portal. lets see what i can do now

■■■■…subprocess

Got root today.
Interesting machine.

Got user, enjoyed this box - onto root
If you’d like any pointers drop me a message

Edit: rooted! Learned a lot from this box - definitely a fun one

Got root today, thanks to xeto and ikuamike for the help. You can ping me for help!

ive got user access, and im able to sign into locally running service but i cant seem to figure out PrivEsc to save my life. any hints to save my sanity would be much appreciated

nice. got root. had alot of trouble with the .b**** file. i managed to get it but still would like to better understand what happened and how i can approach such things in the future.

root was easy for me as i had everything i needed already because i tried exploiting exactly that for initial foothold and failed. very fun setup i learned alot form this.

I’m at the initial file decryption stage. I know the tool that was used, and I can script up iterating through passwords. My question is on the algorithm. Am I supposed to iterate through that too, or is there a hint somewhere else that is publicly accessible on this box as to what algorithm was used?

So I ran through a script with rockyou and a particular algorithm. I got a password that did not throw a “bad decrypt” error, but I still have gibberish. I’ve seen all “digest” hints, and I know vaguely what those are referring to. But as I understand it, those are one-way mathematical functions that cannot be reversed. So, I’m not sure how to apply that to this process.

Any help would be greatly appreciated. Cryptography has never been my strong suit.

Can anyone give a nudge for root?

So I found out that openssl will “decrypt” this file with more than one password. Meaning, depending on the algorithm and the password chosen, you won’t get a decrypt error. But, if you have the wrong algorithm, the file is still gibberish.

Any help for decrypting the famous file will be gladly appreciated.

Any hints for privesc ? I can visit the page of H2 console. But no idea how to login.

@73rry said:
Any hints for privesc ? I can visit the page of H2 console. But no idea how to login.

I’ll PM you.

@Gwizwold said:
Can anyone give a nudge for root?

is there anything running as root?

After a careful search I found the file, but now I have a problem with the decryption.
I always get bad magic number, is the wrong version of the tool?

@cyberdog2099 said:
After a careful search I found the file, but now I have a problem with the decryption.
I always get bad magic number, is the wrong version of the tool?

You’re on the right track, check your tool syntax/options

Yeah, with some tips i’ve reached the user! A little step little to the root

If anyone can help with the escalation from w*******a to d I’ll really appreciate it. Been stuck for a long time looking for anything.