Username: 
Password: 
Restrict session to IP 

...and I am not yet awake, too  Go to the SSH... Z is sleeping challenge

1 2
Global Rank: 188
Totalscore: 109876
Postitused: 35
Aitäh: 33
Üleshääled: 38
Registreeritud: 14y 60d


Viimati nähtud: 156d 21h
Kasutaja on hetkel väljas
...and I am not yet awake, too
Google/translate3Aitäh!4Hea postitus!0Halb postitus! link
I am at a point where I probably miss something important. The files placed at the obvious locations contain one half needed for a "two part communication". However, to my knowledge it is not the required part to initialize this connection but to accept it. The algorithm itself for the given key length is not reversible in realistic times. The implementation of openssh is up to date (not the old D****n one). The title seems to point to Z's account. He also has group permissions for the level user. However, you would need to have user permissions anyway. I cannot "find" any more files belonging to z or level8 which are readable by me.

Did a file disappear from the server or am I just missing something?

Thx
HiPhiSch

€: Changed a bit in order not to spoil too much
Viimati muudetud HiPhiSch - Märts 18, 2012 - 14:20:22
Global Rank: 228
Totalscore: 94499
Postitused: 1693
Aitäh: 1365
Üleshääled: 929
Registreeritud: 16y 360d




Viimati nähtud: 1d 3h
Kasutaja on hetkel väljas
RE: ...and I am not yet awake, too
Google/translate2Aitäh!1Hea postitus!2Halb postitus! link
Maybe the *** is new, but the **** are old ... you guessed the right thing in your post above. You probably now also know which Smile

Good luck and Happy challenging!
gizmore
The geeks shall inherit the properties and methods of object earth.
Viimati muudetud gizmore - Märts 18, 2012 - 15:39:01
Global Rank: 3113
Totalscore: 6831
Postitused: 3
Aitäh: 3
Üleshääled: 2
Registreeritud: 9y 43d
Viimati nähtud: 9y 36d
Kasutaja on hetkel väljas
RE: ...and I am not yet awake, too
Google/translate1Aitäh!1Hea postitus!0Halb postitus! link
So its time to ask for a hint.

Facts:
- level8 home folder: /home/level/8
- List of files:
GeSHi`ed bash code for ls
1
2
3
4
56
7
8
9
1011
12
13
14
1516
17
18
19
20
ls -alR
.:
total 36
drwxr-xr-x  4 level8 level8 4096 2012-07-26  .
drwxr-xr-x 24 root   root   4096 2014-01-18  ..drwxrwxr-x  2 level8 level8 4096 2012-02-21  backups
-rw-------  1 level8 level8  932 2014-02-03  .bash_history
-rwx------  1 level8 level8  128 2011-11-28  .bash_logout
-rwx------  1 level8 level8  193 2011-11-25  .bash_profile
-rwx------  1 level8 level8  590 2011-12-06  .bashrc-r--------  1 level8 level8   49 2011-12-28  solution.txt
drwx------  2 level8 level8 4096 2012-02-21  .ssh
 
./backups:
total 12drwxrwxr-x 2 level8 level8 4096 2012-02-21  .
drwxr-xr-x 4 level8 level8 4096 2012-07-26  ..
-rw-r--r-- 1 root   level8  382 2011-12-28  authorized_keys.backup
ls: cannot open directory ./.ssh: Permission denied
 


So the only thing I can do is to view authorized_keys.backup file.
I cannot change this file and add my pub key with hope that user will restore backup.
I cant even create new file with my pub key as authorized_keys.backup1 and then cheange user and permissions.
i even try sudo... and get busted ;)
GeSHi`ed bash code for sudo
1
2
3
4
56
7
8
9
1011
 
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
 
    #1) Respect the privacy of others.    #2) Think before you type.
    #3) With great power comes great responsibility.
 
Password: 
flaps is not in the sudoers file.  This incident will be reported. 

So i suppose its wrong thinking.


Please give me a hint or PM me.
Global Rank: 1
Totalscore: 758678
Postitused: 437
Aitäh: 497
Üleshääled: 470
Registreeritud: 15y 199d












Kasutaja on hetkel väljas
RE: ...and I am not yet awake, too
Google/translate1Aitäh!2Hea postitus!0Halb postitus! link
For a hint, read the two posts above yours.
Global Rank: 4065
Totalscore: 4712
Postitused: 8
Aitäh: 6
Üleshääled: 7
Registreeritud: 6y 342d

Viimati nähtud: 1y 31d
Kasutaja on hetkel väljas
RE: ...and I am not yet awake, too
Google/translate1Aitäh!1Hea postitus!0Halb postitus! link
Yes, sir.
I have read the four posts already.
But I still could not figure out what exactly I can do with only a "ssh-rsa public key file"..

Is there more hint special for me?
Smile
Global Rank: 228
Totalscore: 94499
Postitused: 1693
Aitäh: 1365
Üleshääled: 929
Registreeritud: 16y 360d




Viimati nähtud: 1d 3h
Kasutaja on hetkel väljas
RE: ...and I am not yet awake, too
Google/translate0Aitäh!1Hea postitus!0Halb postitus! link
Once there was a security desaster with debian ssh keys..... read up on this
The geeks shall inherit the properties and methods of object earth.
Global Rank: 7451
Totalscore: 1347
Postitused: 3
Aitäh: 3
Üleshääled: 3
Registreeritud: 5y 218d
Viimati nähtud: 1y 214d
Kasutaja on hetkel väljas
RE: ...and I am not yet awake, too
Google/translate1Aitäh!1Hea postitus!0Halb postitus! link
I find a vuln,and i get a private key. use ssh -I key to login z@warchall.net ,but need password. why?
Viimati muudetud knywi9 - August 02, 2019 - 17:10:42
Global Rank: 1
Totalscore: 758678
Postitused: 437
Aitäh: 497
Üleshääled: 470
Registreeritud: 15y 199d












Kasutaja on hetkel väljas
RE: ...and I am not yet awake, too
Google/translate1Aitäh!2Hea postitus!0Halb postitus! link
Because that's not how you specify the key. And you also have the wrong user.
Global Rank: 7451
Totalscore: 1347
Postitused: 3
Aitäh: 3
Üleshääled: 3
Registreeritud: 5y 218d
Viimati nähtud: 1y 214d
Kasutaja on hetkel väljas
RE: ...and I am not yet awake, too
Google/translate1Aitäh!1Hea postitus!0Halb postitus! link
thanks, ssh -i and user is l*****.
Global Rank: 80
Totalscore: 193748
Postitused: 16
Aitäh: 12
Üleshääled: 13
Registreeritud: 3y 286d



Viimati nähtud: 19d 4h
Kasutaja on hetkel väljas
RE: ...and I am not yet awake, too
Google/translate1Aitäh!1Hea postitus!0Halb postitus! link
Thank you for the state of the challenge directory, flaps!
It seems that some files are currently missing since the lost of the previous warchall box.
Do you still have it somewhere?
1 2
knywi9, randy, Redknee, ckclark, minseo96, tunelko, silenttrack, n0tHappy, nonfungiblesecurity, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 vaatavad hetkel seda teemat.
Seda teemat on vaadatud 25807 korda.