USB ripper



  • edited September 2019

    Someone can give me a hint?? I installed usbrip tool, and i get some information with auth.json, but after that what I should do it? could you help me please?
    What kind of flag we are looking for?

  • A little guidance on the cracking portion of this would be nice. I threw the hash into chef and got possible formats. Now I am trying those different hash formats with John the Ripper. Feels like I am going in the wrong direction.

  • Latest version I got from pip (2.1.4-7) worked fine. Almost faster to do it manually though.
    Happy to give cracking hints if anyone needs them.

  • edited September 2019

    Done. PM for a help.
    Little hint - use rockyou for the last part of the challenge.

  • Here's a hint for after you have the v*******n:

    The length of your options is important.

    "I do because I can.
    I can because I want to.
    I want to because you said I couldn't."

  • Type your comment> @hx47 said:

    Type your comment> @davidlightman said:

    Using the relevant tool I get a backtrace about wrong timestamp format. Has anyone experienced this issue?

    pip3 install usbrip==2.1.3.post3

    huge thanks

  • I like challenge very much at all but i found by my self only one rock group name and after i don't know what to do i have done everything

  • edited October 2019

    Can I get a hint please, feel like I am missing the obvious, I have found a violation event but looking at the surrounding times within syslog doesn't show me anything and using the PID/VID doesnt seem to bring me any help either so clearly I am missing something :<


    Nevermind sorted, fml.

  • I've found the violation event, the "crack" in what consists PM me please

  • When I use usbrip to find violations it seems to return way too many results. Do you guys only get one violation back? Im stuck :/

  • i found it using awk,grep,sed but when i "crack" and submit the flag it's not accepted. Any ideas?


  • edited November 2019

    Can someone explain how usbrip found a violation if the same manufacturer ID is it in auth.json? I don't get it.

    btw. is it possible to do it with one command using grep, awk & sed?

  • edited November 2019

    Nice challenge but now I must resist the urge to make u*****r faster....

    [*] Time taken: 0:08:07.389734
    time python3
    real 0m2.091s
    user 0m2.016s
    sys 0m0.073s

  • Nice challenge, learned new tool (and I was lucky enough because the tool works just fine and I had no problem with it, just install, run and found violation).

    For the cracking part, I used a well known online service, and it was almost instantaneous.

  • Tip: this is a lot easier than you expect! Once you get the v*******, what is the easiest thing you can do with it? ;)

  • edited December 2019

    Edit. Nvm. I said f-it on trying to crack it myself I just looked it up instead of cracking first result was correct.

    Ranked #1 in Master of Overthinking 20yrs running uncontested.
    For Help include machine name in message because my mind's everywhere right now.
    Hack The Box

  • this can be done in a few lines of python + online tool. nice challange though :)

  • any nudge on the "crack" part ?


  • I'm looking over the tool. I ran the command to pull violations. However I know I'm using the tool wrong as it output my usb devices as the violations. I'm stuck on how to make this work. Can someone PM me a nudge please?

    Available to help when I can and know how to help. However do not expect responses right away on these days. Sunday - Wednesday between 7am-8pm EST (USA, Orlando, Fl) as I work those days from 7a-7p and then the ride home. Just a forewarning is all :) Other than that I'll answer ASAP, or when I get home from work.

    CompTIA A+ | Network+ | Security+ | PenTest+ (In Progress) | C|EH (in Progress)
  • The chef is offering me a dish that I am clearly not adequately skilled to eat :(

  • Hi there, can someone help with the second part. It says crack it so I have tried some online platforms but that doesn't seem to work. A PM would be appreciated!

  • Done..Anyone need help ping me <3

    If i am able to help +respect <3

  • Simple python + jtr = eez

  • edited March 16

    Hi all, can someone give me a hint on the second part, please? I'm using J but not sure if I'm using him correctly,



    Ignore me. Done it.

  • Not sure if I am right, but the suggested tool usage is a bit hard. Harder -maybe- then the challenge. It always throws errors. Here the maker (and the challenge owner snovvcrash) said: "Try harder"

    The installation and uninstallation process was also too hard (for me absolutely), and it is not working, does not matter how hard I try...

  • tha usbrip tool is enouhg
    pip3 install usbrip==2.1.3.post3 is important for errors
    thanks for nudges on this forum

    crack part is easy google skilzz

    Hack The Box

    You can pm me on discord sh4d0wless#6154

  • got it, feel free to PM me


    Valiant, nothing is impossible.
    Lock by lock and one after the other is the key. You cannot open door number 9 until you have unlocked number 8.

  • Got. Nice challenge. Feel free to contact me if you need hints

  • Hah) nice challenge). All needed hints are in this discussion

  • I tried the latest version of the tool and a couple of the older versions and still couldn't escape errors when trying to open files with it. So I gave up and just went back to some manual parsing in the terminal. It took a little longer than it would have if the tool just worked out of the box, but it wasn't too hard. The "cracking" was handled quickly by a well known website.

Sign In to comment.