Valentine

I am having trouble with getting root. I tried the dirty way but it doesn’t seem to work. Any hints?

Nvm, got it in the end. However, can someone PM me where the hint in enum was supposed to be?

If you are trying to priv esc using the “dirty method” and it doesn’t seem to work, be patient. The exploit can take a while to complete; that’s just the nature of the beast.

@capnspacehook said:
If you are trying to priv esc using the “dirty method” and it doesn’t seem to work, be patient. The exploit can take a while to complete; that’s just the nature of the beast.

How long should it normally take to complete? Trying to do both the dirty way and normal way!

Alright, I really wanted to find the username all by myself but I have hit a roadblock. I used the Python script, I have what I believe is the password, and I have used patator to attempt to brute force the username with a custom list of multiple names found through enumeration. Can someone PM me and give me a little hint on the username? Appreciate it.

@JOk3Rxvi said:

@capnspacehook said:
If you are trying to priv esc using the “dirty method” and it doesn’t seem to work, be patient. The exploit can take a while to complete; that’s just the nature of the beast.

How long should it normally take to complete? Trying to do both the dirty way and normal way!

The dirty way could take anywhere from 1 to 10 mins; when I ran it, it took around 5. Not sure what you mean by the ‘normal’ method, PM me about that.

Got root, but not sure that was the way to do it… Can someone PM me so that I can check.

I need help. I found the private key, decoder, encode. I need more information;
could someone send me a private message, please?

@impetuousdanny said:

@Largoh said:
No idea where everyone is getting the passphrase from. I’ve tried using jtr to get it from the RSA key but get strange characters along with normal characters.

My heart bleeds for you.

Hello, @impetuousdanny, may I have some more hints on “My heart bleeds for you”?

@st4rry said:
@impetuousdanny said:

@Largoh said:
No idea where everyone is getting the passphrase from. I’ve tried using jtr to get it from the RSA key but get strange characters along with normal characters.

My heart bleeds for you.

Hello, @impetuousdanny, may I have some more hints on “My heart bleeds for you”?

OpenSSH

Thanks for the nudges, I was trying to make getting the key a lot harder than it was.

What is the password that everyone speaks of? I only found the note and the private key.

I want to check if I’m on the right way.
Can anyone who solved it help me?

@Anna said:
I want to check if I’m on the right way.
Can anyone who solved it help me?

DM me if you need to!

@Vburgos said:
What is the password that everyone speaks of? I only found the note and the private key.

Shouldn’t need a password…

@JOk3Rxvi said:

@Vburgos said:
What is the password that everyone speaks of? I only found the note and the private key.

Shouldn’t need a password…

Thank you very much for answering, and I found the piece that I was missing.

I’m stuck on the initial foothold. I have the RSA and passphrase but SSH still prompts me for a password that I cannot find. Can anyone PM me a hint/tell me where I’m going wrong?

@SirFIS said:
I’m stuck on the initial foothold. I have the RSA and passphrase but SSH still prompts me for a password that I cannot find. Can anyone PM me a hint/tell me where I’m going wrong?

There’s a huge hint as to what you need to do; don’t think too hard. There are context clues you can use. Take some time & look at the ‘artwork’ that’s given.

I think I got everything I need. Got the priv key, used the exploit for that phrase to be decoded. Got the pub key. I just don’t know how to put it all together for that initial SSH connection. The SSH is still asking for a password and I tried using the phrase found in the exploit output but it didn’t work. A bit stuck now…

@onlyamedic said:
There’s a huge hint as to what you need to do; don’t think too hard. There are context clues you can use. Take some time & look at the ‘artwork’ that’s given.

I’ve run both the Metasploit and Python exploit nearly a hundred times and I haven’t found anything other than the passphrase, and nothing that I could consider a user/pass. Am I missing something?

@d3m0nr007 said:

@h3kd3w said:
What is the best way to get something useful from the memory leak? I’m using msf… but get only crypted stuff…

Go through the data dump from the exploit. You will get some data that can be used in the decode page to find the passphrase. Also try to get the RSA private key. And Google how to use them together. You will figure it out soon.

Yo mate, thx for the reply :+1:
I think I have found the passphrase, but when I try to add it on openssl I get this error:
Enter pass phrase for hype.key:
unable to load Private Key
140455105323200:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:…/crypto/evp/evp_enc.c:536:
140455105323200:error:0906A065:PEM routines:PEM_do_header:bad decrypt:…/crypto/pem/pem_lib.c:445:
error in rsa