Valentine

Comments

  • @onlyamedic said:
    There's a huge hint as to what you need to do, don't think too hard. There are context clues you can use. Take some time & look at the 'artwork' that's given.

    I've run both the Metasploit and Python exploit nearly a hundred times and I haven't found anything other than the passphrase, and nothing that I could consider a user/pass. Am I missing something?

  • @d3m0nr007 said:
    > @h3kd3w said:
    > What is the best way to get something useful from the memory leak? I'm using msf... but get only crypted stuff...

    Go through the data dump from the exploit. You will get some data that can be used in the decode page to find the passphrase. Also try to get the RSA private key. And Google how to use them together. You will figure it out soon.

    yo mate, thx for reply :+1:
    I think I have found the passphrase, but when I try to add it in openssl I get this error:
    Enter pass phrase for hype.key:
    unable to load Private Key
    140455105323200:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:536:
    140455105323200:error:0906A065:PEM routines:PEM_do_header:bad decrypt:../crypto/pem/pem_lib.c:445:
    error in rsa

  • @h3kd3w said:

    @d3m0nr007 said:
    > @h3kd3w said:
    > What is the best way to get something useful from the memory leak? I'm using msf... but get only crypted stuff...

    Go through the data dump from the exploit. You will get some data that can be used in the decode page to find the passphrase. Also try to get the RSA private key. And Google how to use them together. You will figure it out soon.

    yo mate, thx for reply :+1:
    I think I have found the passphrase, but when I try to add it in openssl I get this error:
    Enter pass phrase for hype.key:
    unable to load Private Key
    140455105323200:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:536:
    140455105323200:error:0906A065:PEM routines:PEM_do_header:bad decrypt:../crypto/pem/pem_lib.c:445:
    error in rsa

    [SOLVED]
    This error means wrong passphrase. I have found the right one, now it works! :+1:
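
The `bad decrypt` error quoted above, reproduced as an added example that is not part of any poster's message: it builds a constructed passphrase-protected RSA key and tests candidate passphrases against it. The function names, the `KEY_PASS` variable and the sample passphrase are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration, not code from the thread.
# check_passphrase KEYFILE CANDIDATE
#   returns 0  candidate unlocks the key
#   returns 1  wrong passphrase (the "bad decrypt" case)
#   returns 2  file is missing or is not an encrypted PEM key
check_passphrase() {
    keyfile=$1
    # Both PEM styles mark encryption with the word ENCRYPTED:
    # "Proc-Type: 4,ENCRYPTED" (traditional) and
    # "BEGIN ENCRYPTED PRIVATE KEY" (PKCS#8).
    grep -q 'ENCRYPTED' "$keyfile" 2>/dev/null || return 2
    # Hand the candidate over through the environment rather than argv,
    # so it does not appear in the process list.
    if KEY_PASS=$2 openssl pkey -in "$keyfile" -passin env:KEY_PASS \
        -noout >/dev/null 2>&1
    then
        return 0
    fi
    return 1
}

# Create a throwaway encrypted key for testing (constructed sample data).
make_sample_key() {
    KEY_PASS=$2 openssl genrsa -aes128 -passout env:KEY_PASS \
        -out "$1" 2048 2>/dev/null
}

demo() {
    dir=$(mktemp -d)
    make_sample_key "$dir/sample.key" 'constructed-passphrase'
    for cand in 'not-the-passphrase' 'constructed-passphrase'; do
        if check_passphrase "$dir/sample.key" "$cand"; then
            echo "unlocks the key: $cand"
        else
            echo "bad decrypt (wrong passphrase): $cand"
        fi
    done
    rm -rf "$dir"
}

demo
```

A return of 2 separates "this file is not an encrypted PEM key at all" from a wrong passphrase, which the raw OpenSSL error output does not make obvious.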

  • @SirFIS said:

    @onlyamedic said:
    There's a huge hint as to what you need to do, don't think too hard. There are context clues you can use. Take some time & look at the 'artwork' that's given.

    I've run both the Metasploit and Python exploit nearly a hundred times and I haven't found anything other than the passphrase, and nothing that I could consider a user/pass. Am I missing something?

    Why do you think you are missing something? Look at some of the previous comments, and use what you found & put 2 + 2 together. It sounds like you have what you need if you found a "passphrase"

    Looking for past Hack the Box write-ups or other security stuff? Feel free to visit: https://dastinia.io <3

  • edited May 2018

    I managed to figure out the problem with the priv key and use the passphrase found using the exploit for it, but ssh is still asking for the user password. Does this mean I'm using the wrong user? Or am I doing something else wrong?

    EDIT: Nvm I'm stupid...

  • Can someone point me in the right direction? I know what the machine is vulnerable to. I verified this via nmap and then used Metasploit. I found the php files and the encoded hype text. I've run this exploit close to 57 times and I still haven't found the RSA key....

  • They already removed it from the labs for free, but this is for one to go to VIP. I was already thinking about it, but so forcibly I do not think I will do it.

  • After spending the whole last day I wasn't able to get anything from bleed, but wow, today I got lucky and found the passphrase in a single shot :P :D
    Hence got user, now up to root

  • edited May 2018

    Hey guys, hoping to get some help with the username. I've been reading through the forums and I'm aware you have to think simple. I've gotten everything you need up to this point including pass + key. I'm either using the key incorrectly or just having troubles thinking of usernames. Just hoping for a bit more of a hint with the username.

    Edit: I got it.

  • Hi all.
    I'm new to the game (htb and security) and would very much appreciate some pointers. Not looking for the answers just guidance. I ran the exploit and retrieved the string from it. I also retrieved another string (hype). Now I believe the way in is through ssh, however I am nowhere near the skill level to put 2 and 2 together for this.

    Thank you in advance.

  • edited May 2018

    {Don't mind this just testing my signature :disappointed: }
    wwww

  • @IronBeagle said:
    Hi all.
    I'm new to the game (htb and security) and would very much appreciate some pointers. Not looking for the answers just guidance. I ran the exploit and retrieved the string from it. I also retrieved another string (hype). Now I believe the way in is through ssh, however I am nowhere near the skill level to put 2 and 2 together for this.

    Thank you in advance.

    man is your man... as in man pages ... ;)

  • I need help with this Rsa.key, I don't know what to do... I need a hint

  • edited May 2018

    You need to look at what you think it is encoded as.

    Hack The Box

  • edited May 2018

    @J3rryBl4nks I cannot find what needs to be decoded with that key

  • I cannot for the life of me figure out what to do with these weird file permissions that I'm finding in enumeration. Can someone pm me with a tip? I know I've found some weird shit but none of it is writeable and I want to make sure I'm not chasing nothing.

  • I decoded the hype.key and I found the RSA private key... but I don't know how to find the passphrase

  • edited May 2018

    i got root

  • Just got root. PM me for hints on how to solve this box the official way or by using exploits.

  • Hey guys, I enumerated as much as I could. Are there 2 different rsa keys? Am I on the right track? I have also obtained the passphrase to unlock the rsa key but not sure what is the username.

  • hahaha. I see. I found the username. sometimes users name their files in a certain way.

  • I too am struggling with user enumeration. I believe I've got everything I need to login, if I can only figure out the damn username. Everyone says it's right under my nose... PM maybe?

  • Got root, when you see it you will think that it can't be that, but it is

    OSCP

  • Just rooted. Early in my enumeration I came across what was a very very quick win for the root (artifact from someone else's privesc). Only for it to not work when I came to use it. I thought it was just a trolling attempt so looked for other ways.

    Then when I realised the privesc it was straightforward enough. Although someone did crash the box as I was navigating to the flag.

  • I still do not have any passphrase. I exploited the vulns but found nothing in memory, I just see a repeated code and decoder, encoder. Am I on the right way? Please guide me.

    Raouf09

  • Finally owned this box. Took me forever to get user. Turns out there was more exploration required than I had thought. After struggling to get user for like two days I got root in 5 min. So it goes, haha. PM me if u need a nudge.

  • finally got root :)

    Ar3s

  • If anyone needs help pm me

  • I just don't get it.
    I got the RSA key. So far so good. But I can't figure out where you all found the passphrase. Dirbuster didn't help me. And analyzing the image didn't help me either.
    And what's that exploit everyone is talking about?

    I would be very happy if someone could give me a hint.

    Fluxx79

  • The image gives you a hint about the exploit that you need. Failing that, look for exploits based around the service, or based around the theme of the box name.
