Fortune

Type your comment> @4ndr34z said:

Hmmm. That was a thought…
A little hint of where it could be found?

@limbernie said:

@4ndr34z said:
Anyone??

Wrong key, perhaps?

I second this. I think I’m in the same place as you. I have hashes but no way to decrypt them.

Type your comment> @agr0 said:

Type your comment> @4ndr34z said:

Hmmm. That was a thought…
A little hint of where it could be found?

@limbernie said:

@4ndr34z said:
Anyone??

Wrong key, perhaps?

I second this. I think I’m in the same place as you. I have hashes but no way to decrypt them.

Enumerate a little deeper and you may find a treasure which offers the answers you seek.

Scratch that – rooted!

Another amazing box from AuxSarge. Thanks!

EDIT: Just thinking back, I think this might be my new favorite challenge on HTB. This was a fun ride from start to finish.

Anyone that can point me towards root? I can see a few files that hint me for what needs to be done. But kinda unsure how to move forward.

EDIT: Trying to get the hash thing that people talk here. The comments are helpful. Getting there

Can anyone point me out on how to convert this certs to be used in the other services?

Type your comment> @dplastico said:

Can anyone point me out on how to convert this certs to be used in the other services?

See the IBM reference link in this post.

to me that box is not real-life it is a ctf…dont get the web chart

Type your comment> @peek said:

to me that box is not real-life it is a ctf…dont get the web chart

IMHO every box contains CTF elements, some over do it, some just try to minimize them as much as they can to represent real case scenario. But at the end of the day all boxes at least the active ones the creators are mixing things together to make it more challenging, but what they SHOULD do is find a good balance between the two.

Woohoo, just rooted. I really enjoyed the privesc part. I’m glad I was a developer in that particular space once lol

Root!
Make the source code work for you!

I solved it. If anybody wants any hints, PM me. I won’t spoil the fun for you.

Btw, this box is not CTF like. I didn’t have to guess for stuff. The only painful thing was the certs because openssl cmd is a disaster.

Type your comment> @skordokailas said:

I solved it. If anybody wants any hints, PM me. I won’t spoil the fun for you.

Btw, this box is not CTF like. I didn’t have to guess for stuff. The only painful thing was the certs because openssl cmd is a disaster.

find me a website where you can generate a key

Type your comment> @peek said:

Type your comment> @skordokailas said:

I solved it. If anybody wants any hints, PM me. I won’t spoil the fun for you.

Btw, this box is not CTF like. I didn’t have to guess for stuff. The only painful thing was the certs because openssl cmd is a disaster.

find me a website where you can generate a key

Send me all your private keys and I’ll generate certs for you X-) (jk)

Type your comment> @peek said:

Type your comment> @skordokailas said:

I solved it. If anybody wants any hints, PM me. I won’t spoil the fun for you.

Btw, this box is not CTF like. I didn’t have to guess for stuff. The only painful thing was the certs because openssl cmd is a disaster.

find me a website where you can generate a key

Let me preface this by saying that I don’t want to start a flamewar. It seems that you got User on the box so I can respond without spoiling it for the others.

That functionality that you leveraged to solve the TLS issue is an RFC for a bit more than a decade and it has been in discussions for almost two decades. This feature has been a freaking pain in the ■■■ for users to handle but lately we “”“DevOps”“” so users don’t see it. It’s a feature widely used in Fortune and Tech companies and generally big corporations (maybe for the past 2-3 years?).

Even the way it’s tied with the next step, is stuff that happens (or some variation of this). All of the above tipped me off and this is why I’m saying it doesn’t look like a CTF.

This is a flow that exists and variations of it will come up more often inside corporate networks because it’s an easy and convenient way for developers, users, infrastructure engineers and god knows who else to do stuff without having extra overhead.

it doesnt matter in fact, you all have right, no worries. but it’s interesting to know that some method use browsers and keys. I was ignorant of that.

solution is not to brute force ssh and/or reset. as always.

got root :slight_smile: root is tricky and reading code and backtracing is required. I don’t have much coding experience so got some hiccups.
PM for hints. That’s awesome box anyway. Leant lot of new things.

Getting user was pretty awesome. I can’t say the same for root. IMHO, I thought it was a pretty lame find. It only made sense when I finally got it. I can only blame myself for not seeing the obvious.

Kudos to @AuxSarge

Need a hand decrypting hash. Whenever trying it shows garbage value and decoding it with utf-8 causes error

Error: 'utf8' codec can't decode byte 0x8c 

Spoiler Removed