USB ripper

The result you get if you do everything correctly is not in the usual flag format iirc, you’ll have to surround it with HTB{} when submitting.

@Gordin Thanks, that worked, if it wasn’t for your reply I’d have assumed I only had part of the solution and kept trying to decrypt all the rest of the data.

@> @GChester said:

@Gordin Thanks, that worked, if it wasn’t for your reply I’d have assumed I only had part of the solution and kept trying to decrypt all the rest of the data.

hi, check your PM please, looking for a tip.

Learned to use a new tool, funny and short challenge

Type your comment> @socialkas said:

Type your comment> @davidlightman said:

Using the relevant tool I get a backtrace about wrong timestamp format. Has anyone experienced this issue?

yeah; it’s straightforward to edit the python code and get that fixed.

Cheers,

Can you give a little more detail on editing the python code? I have 2.1.4-2 can get the time error.

FYI installed via “pip3 install appname”

@Br1a1d said:

Can you give a little more detail on editing the python code? I have 2.1.4-2 can get the time error.

Save yourself time, go back to 2.1.3 and try again…

ugg what an undeeded Hassel on this on… the creator of the tool and challenge did not make their update compatible and now i have to search for older versions…

The only tool that I used was awk, grep and sed.

Hi!
Guys I have some problems with the tool I try all possible version but whole version throws the same problem. Can you recommend another tool?

That hint from will135 only makes sense after cracking, it sent me on a wild goose chase trying to find info on the creator of the box, ignore that hint and get strait on with the task.

Hi, thanks to the comments here, i’ve used the right version of the tool… I’m grateful for that.
Here is my question : does a hash that you can reverse to something looking like a keyboard sequence deserve to dig or is it a rabbit hole ? Any hint would be appreciated

Someone can give me a hint?? I installed usbrip tool, and i get some information with auth.json, but after that what I should do it? could you help me please?
What kind of flag we are looking for?

A little guidance on the cracking portion of this would be nice. I threw the hash into chef and got possible formats. Now I am trying those different hash formats with John the Ripper. Feels like I am going in the wrong direction.

Latest version I got from pip (2.1.4-7) worked fine. Almost faster to do it manually though.
Happy to give cracking hints if anyone needs them.

Done. PM for a help.
Little hint - use rockyou for the last part of the challenge.

Here’s a hint for after you have the v*******n:

The length of your options is important.

Type your comment> @hx47 said:

Type your comment> @davidlightman said:

Using the relevant tool I get a backtrace about wrong timestamp format. Has anyone experienced this issue?

pip3 install usbrip==2.1.3.post3

huge thanks

I like challenge very much at all but i found by my self only one rock group name and after i don’t know what to do i have done everything

Can I get a hint please, feel like I am missing the obvious, I have found a violation event but looking at the surrounding times within syslog doesn’t show me anything and using the PID/VID doesnt seem to bring me any help either so clearly I am missing something :<

Update.

Nevermind sorted, fml.

I’ve found the violation event, the “crack” in what consists PM me please