SignupHide Sidebar
Username: 
Password: 
Restrict session to IP 
Statistics
47 Sites
187 Challs
9072 Posts
68111 Users
44 donations
1 Shop
47 Active Sites
World of Wargame
WeChall
TheBlackSheep
Rankk
Electrica
NewbieContest
LOST-Chall
Yashira
BrainQuest
Net-Force
HackThisSite
ThisisLegal.com
elhacker.net
TryThis0ne
TDHack
+Ma's Reversing
Hacker.org
HackBBS
Root-Me
SPOJ
Revolution Elite
W3Challs
Gekkó
Webhacking.kr
Reversing.Kr
SuNiNaTaS
Hacking-Challenges
OverTheWire.org
RedTigers Hackit
Defend the Web
Mod-X
Omega Project
ae27ff
pwnable.kr
RingZer0 Team Online CTF
pwnable.tw
Hack The Box
try to decrypt
MysteryTwister
LordofSQLi
Énigmes À Thématiques
247CTF
CryptoHack
PyDéfis
PromptRiddle
PWN.TN
pwn.college
Top 10 Players
dloser
benito255
jusb3
Caesum
tehron
phoenix1204
lordOric
thefinder
Akorlith
Xaav
Last 20 Activities
Haijo18
mrc666
gizmore
wurfkeks
rostale
rostale
ahwp
mrc666
Haijo18
g3i4eruwa
peterkodo
Harrier_Du_Bois
Haijo18
GameIsOn
bartayar123456789
unknown12
NGSM
iamcontrolio
Xaav
livinskull
Online within 1d
44 Users
Haijo18
tehron
NGSM
j40
xseris
lakes1126
cheerfulbull
mrc666
fssix
wurfkeks
ahwp
rostale
criple_ripper
Reishia
g3i4eruwa
gizmore
ShaunOfTheLive
Harrier_Du_Bois
Cerades
bartayar123456789
more
WeChall->Challenges->Challenge: SSH... Z is sleeping

...and I am not yet awake, too  Go to the SSH... Z is sleeping challenge

files
1 2
Global Rank: 187
Totalscore: 109905
Posts: 35
Thanks: 33
UpVotes: 38
Registered: 13y 335d


Last Seen: 66d 1h
The User is Offline
...and I am not yet awake, too
Mar 18, 2012 - 13:20:57 (12y 240d) Google/translate3Thank You!4Good Post!0Bad Post! link
I am at a point where I probably miss something important. The files placed at the obvious locations contain one half needed for a "two part communication". However, to my knowledge it is not the required part to initialize this connection but to accept it. The algorithm itself for the given key length is not reversible in realistic times. The implementation of openssh is up to date (not the old D****n one). The title seems to point to Z's account. He also has group permissions for the level user. However, you would need to have user permissions anyway. I cannot "find" any more files belonging to z or level8 which are readable by me.

Did a file disappear from the server or am I just missing something?

Thx
HiPhiSch

€: Changed a bit in order not to spoil too much
Last edited by HiPhiSch - Mar 18, 2012 - 14:20:22
Global Rank: 244
Totalscore: 88649
Posts: 1674
Thanks: 1356
UpVotes: 912
Registered: 16y 269d




Last Seen: 2h 34m
The User is Offline
Send EMail to gizmore
RE: ...and I am not yet awake, too
Mar 18, 2012 - 13:23:23 (12y 240d) Google/translate2Thank You!1Good Post!2Bad Post! link
Maybe the *** is new, but the **** are old ... you guessed the right thing in your post above. You probably now also know which Smile

Good luck and Happy challenging!
gizmore
The geeks shall inherit the properties and methods of object earth.
Last edited by gizmore - Mar 18, 2012 - 15:39:01
Global Rank: 3093
Totalscore: 6830
Posts: 3
Thanks: 3
UpVotes: 2
Registered: 8y 317d
Last Seen: 8y 310d
The User is Offline
RE: ...and I am not yet awake, too
Dec 31, 2015 - 08:38:17 (8y 317d) Google/translate1Thank You!1Good Post!0Bad Post! link
So its time to ask for a hint.

Facts:
- level8 home folder: /home/level/8
- List of files:
GeSHi`ed bash code for ls
1
2
3
4
56
7
8
9
1011
12
13
14
1516
17
18
19
20
ls -alR
.:
total 36
drwxr-xr-x  4 level8 level8 4096 2012-07-26  .
drwxr-xr-x 24 root   root   4096 2014-01-18  ..drwxrwxr-x  2 level8 level8 4096 2012-02-21  backups
-rw-------  1 level8 level8  932 2014-02-03  .bash_history
-rwx------  1 level8 level8  128 2011-11-28  .bash_logout
-rwx------  1 level8 level8  193 2011-11-25  .bash_profile
-rwx------  1 level8 level8  590 2011-12-06  .bashrc-r--------  1 level8 level8   49 2011-12-28  solution.txt
drwx------  2 level8 level8 4096 2012-02-21  .ssh
 
./backups:
total 12drwxrwxr-x 2 level8 level8 4096 2012-02-21  .
drwxr-xr-x 4 level8 level8 4096 2012-07-26  ..
-rw-r--r-- 1 root   level8  382 2011-12-28  authorized_keys.backup
ls: cannot open directory ./.ssh: Permission denied
 


So the only thing I can do is to view authorized_keys.backup file.
I cannot change this file and add my pub key with hope that user will restore backup.
I cant even create new file with my pub key as authorized_keys.backup1 and then cheange user and permissions.
i even try sudo... and get busted ;)
GeSHi`ed bash code for sudo
1
2
3
4
56
7
8
9
1011

 
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
 
    #1) Respect the privacy of others.    #2) Think before you type.
    #3) With great power comes great responsibility.
 
Password: 
flaps is not in the sudoers file.  This incident will be reported. 

So i suppose its wrong thinking.


Please give me a hint or PM me.
Global Rank: 1
Totalscore: 759096
Posts: 437
Thanks: 496
UpVotes: 469
Registered: 15y 108d












The User is Offline
RE: ...and I am not yet awake, too
Dec 31, 2015 - 13:24:03 (8y 317d) Google/translate1Thank You!2Good Post!0Bad Post! link
For a hint, read the two posts above yours.
Global Rank: 4039
Totalscore: 4711
Posts: 8
Thanks: 6
UpVotes: 7
Registered: 6y 251d

Last Seen: 305d 12h
The User is Offline
RE: ...and I am not yet awake, too
May 15, 2018 - 15:43:29 (6y 181d) Google/translate1Thank You!1Good Post!0Bad Post! link
Yes, sir.
I have read the four posts already.
But I still could not figure out what exactly I can do with only a "ssh-rsa public key file"..
Is there more hint special for me?
Smile
Global Rank: 244
Totalscore: 88649
Posts: 1674
Thanks: 1356
UpVotes: 912
Registered: 16y 269d




Last Seen: 2h 34m
The User is Offline
Send EMail to gizmore
RE: ...and I am not yet awake, too
May 22, 2018 - 22:29:52 (6y 173d) Google/translate0Thank You!1Good Post!0Bad Post! link
Once there was a security desaster with debian ssh keys..... read up on this
The geeks shall inherit the properties and methods of object earth.
Global Rank: 7387
Totalscore: 1346
Posts: 3
Thanks: 3
UpVotes: 3
Registered: 5y 127d
Last Seen: 1y 123d
The User is Offline
RE: ...and I am not yet awake, too
Aug 02, 2019 - 17:09:22 (5y 102d) Google/translate1Thank You!1Good Post!0Bad Post! link
I find a vuln,and i get a private key. use ssh -I key to login z@warchall.net ,but need password. why?
Last edited by knywi9 - Aug 02, 2019 - 17:10:42
Global Rank: 1
Totalscore: 759096
Posts: 437
Thanks: 496
UpVotes: 469
Registered: 15y 108d












The User is Offline
RE: ...and I am not yet awake, too
Aug 02, 2019 - 19:12:02 (5y 102d) Google/translate1Thank You!2Good Post!0Bad Post! link
Because that's not how you specify the key. And you also have the wrong user.
Global Rank: 7387
Totalscore: 1346
Posts: 3
Thanks: 3
UpVotes: 3
Registered: 5y 127d
Last Seen: 1y 123d
The User is Offline
RE: ...and I am not yet awake, too
Aug 03, 2019 - 09:59:32 (5y 101d) Google/translate1Thank You!1Good Post!0Bad Post! link
thanks, ssh -i and user is l*****.
Global Rank: 106
Totalscore: 165402
Posts: 15
Thanks: 11
UpVotes: 12
Registered: 3y 195d



Last Seen: 8h 6m
The User is Offline
RE: ...and I am not yet awake, too
Jan 14, 2024 - 04:49:53 (301d 15h) Google/translate1Thank You!1Good Post!0Bad Post! link
Thank you for the state of the challenge directory, flaps!
It seems that some files are currently missing since the lost of the previous warchall box.
Do you still have it somewhere?
1 2
knywi9, randy, Redknee, ckclark, minseo96, tunelko, silenttrack, n0tHappy, nonfungiblesecurity, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 25400 times.