HTB Safe Write-up

Safe

Summary


Safe is an “easy” machine on Hack The Box, involving a simple buffer overflow and cracking a KeePass file.

User Flag


We use ropstar, get a shell and the user flag.

Root Flag


Using keepass2john, we generate a hash file for every image, passing each image as the key file:

keepass2john -k <img> MyPasswords.kdbx > hash

We run rockyou-75.txt against it and quickly find the password “bullshit”. Inside the KeePass file we find root's password, “u3v2249dl9ptv465cogl3cnpo3fyhk”. Now we add our SSH key to “user”, ssh into the box and su to root.
