Hey, internet stranger If you got this far without a solution, here is what has worked for me (may need to install puttygen first with sudo apt-get install puttygen):
This command will generate an id_rsa.conv and the generated file will already have the correct permissions (chmod 600). Ssh-ing with id_rsa.conv got me into Daniel’s desktop.
I don’t know if it’s a combination of things I’ve done previously, but id_rsa was a freshly copied and pasted key into a new file, I’ve nuked all my previous attempts and started over. I’ve also noticed that previously the very same command didn’t work, so it must be the fact it’s a new file.
Glad you got to the bottom of it and thanks for posting your solution for others (sorry I couldn’t help, Linux and SSH keys are not my strong suit lol). Too many people just say “nvm I fixed it” and don’t explain what they did for other people with the same issue
No worries, thank you for posting! I realise this is a very niche problem, but this is the beauty of the forums - there is a very high chance that someone might have struggled with the exact same issue. And if I am the only one - may as well fill this gap and ease the unnecessary struggles for others
Here is a little addition, that has just occurred to me today to address the problem of copying and pasting from the popup window on the website. I have watched John Hammond’s Youtube video on BurpSuite and have noticed the walkthrough seems to completely glance past it, but the missing steps to get the response and the request appearing side-by-side in BurpSuite are:
right click on the Intercept form and selecting “Send to Repeater”
click the Repeater tab and you will be able to re-use the same request multiple times instead of intercepting and tweaking a new one every time
The screenshots on the walkthrough just seem to have the top tabs trimmed off, assuming that it’s common knowledge, but for a BurpSuite newbie it’s still important little details.
Or you can edit the system-wide config file /etc/ssh/ssh_config so that sudo ssh works for tunneling purposes to accept multiple hostkey types by adding the same line:
@ffolstag Welcome to the forums I was not aware of the -v flag’s existence in ssh! Thank you for bringing it to my attention. I am also constantly seeking to add new things to my configs! This one will definitely be exciting to try out
wasted an hour and a half trying to troubleshoot this. HTB, please at least add a section in the walkthrough to avoid wasting people’s time over little stuff like this
Hello, I’m a noob and I’m hitting a wall here on the ssh. I copied the Openssh private key i got from burp. “chmod 600 id_rsa” I ran the command " ssh -i id_rsa daniel@10.10.10.49" i still keep getting Load key “id_rsa”: invalid format. I followed all the instructions on here. even restarting the machine to no luck.
When i run puttygen i get this
puttygen: unable to load file `id_rsa’: not a recognised key file format
I am stuck in privilege escalation. Modified the job and tried my best. But still, I don’t get connected and the job file automatically changes to default. Can someone help?
I wish I could hug you. I’ve been stuck on this for DAYS trying to figure out how to move forward. THANK YOU so much for going out if your way to post your process and solutions. I tried each of these (except the last one THAT WORKED) before I starting searching for others who ran into this issue. The solution that worked for you, worked for me. Thank you again for your genius.
Thanks @tasidonya for the help! Even though I solved it, I found an easier way. No need to download puttygen and making an id_rsa.conv file. I tested it myself and no Load key “id_rsa”: invalid format popped up. Without giving much away, look over the Readable Private Keys section. Hope this helps someone!
<?xml version = "1.0"?><!DOCTYPE root [<!ENTITY test SYSTEM 'file:///c:/users/daniel/.ssh/id_rsa'>]>
<order><quantity>111</quantity><item>Home Appliances</item><address>super</address></order>
and just returns a 200 with no sign of any key data.
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 19:57:33 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.2.28
X-Powered-By: PHP/7.2.28
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 49
Connection: close
Content-Type: text/html; charset=UTF-8
Your order for Home Appliances has been processed
Payload looks fine to me (famous last words). Spent over an hour on just this. Please can anyone help see what I am missing?