OpenAdmin

@shock72 said:

So Im basically stuck in one directory where i landed, have the other user account names but thats all.

any nudges as to how I find creds for the users? I read something about doing curls but i’m not sure how to go about that

You don’t need to change directories. Almost every linux command accepts a path.

For example instead of typing cd ./path/to/sub/folder; ls you can just as easily use ls ./path/to/sub/folder

Same with cat - cat ./path/to/sub/folder/interestingFile.php works.

Pwned the box :slight_smile:

It’s my first box after some time out so it was good to get a refresher of the basics.

I used the common xxxx.sh script to get in. I am wondering if anyone can explain to me what the xxxx.sh script is doing :slight_smile:

Please PM me if you have the explanation.

Thanks @newman12377 and @TazWake , much appreciated
…next thing ya know i’m kung fu fighting

Stuck between the 1st and 2nd user, minor directing will be appreciated :slight_smile:

@Peleg said:

Stuck between the 1st and 2nd user, minor directing will be appreciated :slight_smile:

Type your comment> @TazWake said:

@Peleg said:

Stuck between the 1st and 2nd user, minor directing will be appreciated :slight_smile:

OpenAdmin - #882 by TazWake - Machines - Hack The Box :: Forums

Thank you, but ive already discovered the group and the files and still nothing that I do with them works or gives me any kind of advancement…

@Peleg said:

Thank you, but ive already discovered the group and the files and still nothing that I do with them works or gives me any kind of advancement…

Ok - it helps if you lead with the problem you are facing then.

If you have found the files you need to find where they are being served. This might help:

There are a couple of ways to get the information you need and it is alluded to above.

Alternatively, if none of the previous hints are useful for you, it might be worth trying to rephrase your question so it asks your specific problem. Hints are always going to be generic but keep in mind 99% of this box is enumeration. If you look in enough places you will find what you need, you just need to think how you want to use it.

Hi. I got the R** for j****a. Cracked it and got the password. After trying to get into the machine via ssh it always throws me permission denied. Any clue why is that so :frowning: ?

@Destroyervg said:

Hi. I got the R** for j****a. Cracked it and got the password. After trying to get into the machine via ssh it always throws me permission denied. Any clue why is that so :frowning: ?

When you say “it” - do you mean SSH or the remote server?

Based on what you’ve put, the likely causes are:

  1. your key hasn’t been properly configured. You should see some error messages saying this though.
  2. you haven’t unlocked the key - again SSH should throw up some errors here.
  3. You arent using the key to connect to the site, you are trying to use a password.

Hi i got jy then i found ja’s Private Key but i dont know how to decode it, is there any way to get public pass? Please help , just 1 step left to get User and Root.

Type your comment> @TazWake said:

@Destroyervg said:

Hi. I got the R** for j****a. Cracked it and got the password. After trying to get into the machine via ssh it always throws me permission denied. Any clue why is that so :frowning: ?

When you say “it” - do you mean SSH or the remote server?

Based on what you’ve put, the likely causes are:

  1. your key hasn’t been properly configured. You should see some error messages saying this though.
  2. you haven’t unlocked the key - again SSH should throw up some errors here.
  3. You arent using the key to connect to the site, you are trying to use a password.

By it i mean the machine: ssh i id_rsa joanna@10…171

One of your comments gave me a hint. The error message is the following:
…@…:~/Desktop# ssh -i id_rsa j.....a@10.10.10.171
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for ‘id_rsa’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key “id_rsa”: bad permissions
jo....a@10.10.10.171’s password:
Permission denied, please try again.
jo...a@10.10.10.171’s password:

Type your comment> @TeRMaN said:

Hi i got jy then i found ja’s Private Key but i dont know how to decode it, is there any way to get public pass? Please help , just 1 step left to get User and Root.

@TeRMaN said:
Hi i got jy then i found ja’s Private Key but i dont know how to decode it, is there any way to get public pass? Please help , just 1 step left to get User and Root.

You can crack it with JohnTheReaper. I did it with this tool.

Type your comment> @Destroyervg said:

Type your comment> @TeRMaN said:

Hi i got jy then i found ja’s Private Key but i dont know how to decode it, is there any way to get public pass? Please help , just 1 step left to get User and Root.

@TeRMaN said:
Hi i got jy then i found ja’s Private Key but i dont know how to decode it, is there any way to get public pass? Please help , just 1 step left to get User and Root.

You can crack it with JohnTheReaper. I did it with this tool.

I found b*********s but it doesn’t work :frowning:

Type your comment> @TeRMaN said:

Type your comment> @Destroyervg said:

Type your comment> @TeRMaN said:

Hi i got jy then i found ja’s Private Key but i dont know how to decode it, is there any way to get public pass? Please help , just 1 step left to get User and Root.

@TeRMaN said:
Hi i got jy then i found ja’s Private Key but i dont know how to decode it, is there any way to get public pass? Please help , just 1 step left to get User and Root.

You can crack it with JohnTheReaper. I did it with this tool.

I found b*********s but it doesn’t work :frowning:

Same here brother…i get an error “permission denied”

Type your comment> @Destroyervg said:

Type your comment> @TeRMaN said:

Type your comment> @Destroyervg said:

Type your comment> @TeRMaN said:

Hi i got jy then i found ja’s Private Key but i dont know how to decode it, is there any way to get public pass? Please help , just 1 step left to get User and Root.

@TeRMaN said:
Hi i got jy then i found ja’s Private Key but i dont know how to decode it, is there any way to get public pass? Please help , just 1 step left to get User and Root.

You can crack it with JohnTheReaper. I did it with this tool.

I found b*********s but it doesn’t work :frowning:

Same here brother…i get an error “permission denied”

İf u findout pls tell me :smiley:

Rootey tootey! awesome but frustrating box, definately a great learning experience for begginers such as myself, the concepts are real world and not too complicated and call for focus and attention to detail, there’s nothing i could say that hasnt allready been said ad nauseum! Thanks to my Mentor ,he knows who he is, for your patience i dont know how you do it. Thanks to all else who leave excellent hints on this forum. :slight_smile:

@Destroyervg said:

By it i mean the machine: ssh i id_rsa joanna@10…171

One of your comments gave me a hint. The error message is the following:
…@…:~/Desktop# ssh -i id_rsa j.....a@10.10.10.171
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for ‘id_rsa’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key “id_rsa”: bad permissions
jo....a@10.10.10.171’s password:
Permission denied, please try again.
jo...a@10.10.10.171’s password:

Ok - you might have solved this now but for anyone else:

This is an error message from SSH on your own Kali machine. It says that the ssh client has ignored the private key and instead is asking for a password - which you dont have.

This means the key is not properly configured. chmod is your friend here.

@TeRMaN said:

I found b*********s but it doesn’t work :frowning:

@Destroyervg said:

Same here brother…i get an error “permission denied”

When you say “it doesnt work” - what doesnt work? The tools you are using give fairly comprehensive error messages and several things are happening so it is very hard to work out what the problem is without seeing the errors.

If the password doesn’t unlock the private key, then you should see an error message to that effect.

If you have the permissions incorrectly set and you see a “This private key will be ignored” message, you need to change the permissions.

“Permission denied” kind of implies you are trying to use the password for the private key as a password to access via SSH. This is not the right thing to do.

Type your comment> @TazWake said:

@TeRMaN said:

I found b*********s but it doesn’t work :frowning:

@Destroyervg said:

Same here brother…i get an error “permission denied”

When you say “it doesnt work” - what doesnt work? The tools you are using give fairly comprehensive error messages and several things are happening so it is very hard to work out what the problem is without seeing the errors.

If the password doesn’t unlock the private key, then you should see an error message to that effect.

If you have the permissions incorrectly set and you see a “This private key will be ignored” message, you need to change the permissions.

“Permission denied” kind of implies you are trying to use the password for the private key as a password to access via SSH. This is not the right thing to do.

I got the last one, Permission denied. when i tried to “ssh -i id_rsa…” it says “‘id_rsa’ are too open. It is required that your private key files are NOT accessible by others.
This private key will be ignored.” and u say this is not right thing… chmod maybe can help. Yes i did it with chmod! Thank u all

@TeRMaN said:

I got the last one, Permission denied. when i tried to “ssh -i id_rsa…” it says “‘id_rsa’ are too open. It is required that your private key files are NOT accessible by others.
This private key will be ignored.” and u say this is not right thing… chmod maybe can help. Yes i did it with chmod! Thank u all

Nice work.