CTF - Problem with private key authentication
-
Hi,
I found an openssh private key whilst doing a capture the flag challange and saved it as key.txt to my local machine.
Then I wanted to ssh into the machine to get root.
ssh johndoe@example.com -i key.txtBut I always get the following error message:
johndoe@example.com: Permission denied (publickey).Retried to ssh into the machine and the error message looks now like this
Load key "id_rsa": invalid format
johndoe@example.com: Permission denied (publickey).The format looks like this in the file:
-----BEGIN OPENSSH PRIVATE KEY-----
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam iaculis dui sed dolor scelerisque, nec bibendum risus congue. Proin placerat at elit id vulputate. Fusce ac lacus mi. Aliquam at ex eu felis commodo dictum congue quis est. Nulla tincidunt metus ante, eu vulputate ipsum elementum sit amet. Nullam sed nisi posuere, tincidunt magna non, vehicula ante. Mauris tincidunt eros porta, elementum dolor in, mollis sapien. Nunc nec fermentum tortor. Nunc non pellentesque est. Duis imperdiet, tortor gravida aliquet lacinia, tellus lacus dignissim sem, in mattis nisi odio eget libero. Suspendisse feugiat mollis ex, sed placerat orci aliquam at. Integer malesuada rutrum urna, in rhoncus dui tempor sit amet. Ut non cursus enim. Aenean ultrices est non ante ultrices, ac convallis mauris elementum.
-----END OPENSSH PRIVATE KEY-----Can somebody let me know how to troubleshoot this issue?
-
This post is deleted!
-
Greetings, @Marc-Neugebauer
The problem you're running into is that the key you found doesn't contain normal key info (base64 encoded data string).
Instead someone put in Lorem Ipsum data, which is typically used as a 'filler'. By filler I mean, like if you want to create a website quickly and instead of it being a bunch of blank pages you can fill it with Lorem Ipsum to give it some subtance.
CTFs are usually meant to be puzzles and like many puzzles there may be 'rabbit trails' that are meant to lead you down the wrong path and this very well may be that, or maybe they want you to use RSA encryption to encrypt the Lorem Ipsum data in the key file and then take that output and add use it at the key, or some other option is the way to go. This is the fun of CTFs :)
CTFs are great for learning real-world tactics, but they usually aren't very real-world in many ways either.
I hope that helps,
Daniel
-
Hi Daniel,
You are right I have put in the Lorem Ipsum as filler to obscure the private key ;-)
The problem still persists. I am not able to ssh into the system with the private key.
Guess in a real world scenario it could be helpful to know why there are problems with the private key.
Here is the original key:
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn NhAAAAAwEAAQAAAYEAt9IoI5gHtz8omhsaZ9Gy+wXyNZPp5jJZvbOJ946OI4g2kRRDHDm5 x7up3z5s/H/yujgjgroOOHh9zBBuiZ1Jn1jlveRM7H1VLbtY8k/rN9PFe
/MkRsYdH45IvV qMgzqmJPFAdxmkD9WRnVP9OqEF0ZEYwTFuFPUlNq5hSbNRucwXEXbW0Wk7xdXwe3OJk8hu ajeY80riz0S8+A+OywcXZg0HVFVli4/fAvS9Im4VCRmEfA7jwCuh6tl5JMxfi30uzzvke0 yvS1h9asqvkfY5+FX4D9BResbt9AXqm47ajWePksWBoUwhhENLN/1pOgQanK2BR/SC+YkP nXRkOavH
BxHccusftItOQuS0AEza8nfE5ioJmX5O9+fv8ChmnapyryKKn4QR4MAqqTqNIb 7xOWTT7Qmv3vw8TDZYz2dnlAOCc+ONWh8JJZHO9i8BXyHNwAH9qyESB7NlX2zJaAbIZgQs Xkd7NTUnjOQosPTIDFSPD2EKLt2B1v3D/2DMqtsnAAAFgOcGpkXnBqZFAAAAB3NzaC1yc2 EAAAGBALfSKCOYB7c/KJobGmfRsvsF
8jWT6eYyWb2zifeOjiOINpEUQxw5uce7qd8+bPx/ 8ro4I4K6Djh4fcwQbomdSZ9Y5b3kTOx9VS27WPJP6zfTxXvzJEbGHR+OSL1ajIM6piTxQH cZpA/VkZ1T/TqhBdGRGMExbhT1JTauYUmzUbnMFxF21tFpO8XV8HtziZPIbmo3mPNK4s9E vPgPjssHF2YNB1RVZYuP3wL0vSJuFQkZhHwO48AroerZeSTMX4t9
Ls875HtMr0tYfWrKr5 H2OfhV+A/QUXrG7fQF6puO2o1nj5LFgaFMIYRDSzf9aToEGpytgUf0gvmJD510ZDmrxwcR 3HLrH7SLTkLktABM2vJ3xOYqCZl+Tvfn7/AoZp2qcq8iip+EEeDAKqk6jSG+8Tlk0+0Jr9 78PEw2WM9nZ5QDgnPjjVofCSWRzvYvAV8hzcAB/ashEgezZV9syWgGyGYELF5HezU1J4zk KLD
0yAxUjw9hCi7dgdb9w/9gzKrbJwAAAAMBAAEAAAGAFlFwyCmMPkZv0o4Z3aMLPQkSyE iGLInOdYbX6HOpdEz0exbfswybLtHtJQq6RsnuGYf5X8ThNyAB/gW8tf6f0rYDZtPSNyBc eCn3+auUXnnaz1rM+77QCGXJFRxqVQCI7ZFRB2TYk4eVn2l0JGsqfrBENiifOfItq37ulv kroghSgK9SE6jYNgPsp8B2Yrg
CF+laK6fa89lfrCqPZr0crSpFyop3wsMcC4rVb9m3uhwc Bsf0BQAHL7Fp0PrzWsc+9AA14ATK4DR/g8JhwQOHzYEoe17iu7/iL7gxDwdlpK7CPhYlL5 Xj6bLPBGmRkszFdXLBPUrlKmWuwLUYoSx8sn3ZSny4jj8x0KoEgHqzKVh4hL0ccJWE8xWS sLk1/G2x1FxU45+hhmmdG3eKzaRhZpc3hzYZXZC9ypjsFDA
yG1ARC679vHnzTI13id29dG n7JoPVwFv/97UYG2WKexo6DOMmbNuxaKkpetfsqsLAnqLf026UeD1PJYy46kvva1axAAAA wQCWMIdnyPjk55Mjz3/AKUNBySvL5psWsLpx3DaWZ1XwH0uDzWqtMWOqYjenkyOrI1Y8ay JfYAm4xkSmOTuEIvcXi6xkS/h67R/GT38zFaGnCHh13/zW0cZDnw5ZNbZ60VfueTcUn9Y
3 8ZdWKtVUBsvb23Mu+wMyv87/Ju+GPuXwUi6mOcMy+iOBoFCLYkKaLJzUFngOg7664dUagx I8qMpD6SQhkD8NWgcwU1DjFfUUdvRv5TnaOhmdNhH2jnr5HaUAAADBAN16q2wajrRH59vw o2PFddXTIGLZj3HXn9U5W84AIetwxMFs27zvnNYFTd8YqSwBQzXTniwId4KOEmx7rnECoT qmtSsqzxiKMLarkVJ+4a
VELCRutaJPhpRC1nOL9HDKysDTlWNSr8fq2LiYwIku7caFosFM N54zxGRo5NwbYOAxgFhRJh9DTmhFHJxSnx/6hiCWneRKpG4RCr80fFJMvbTod919eXD0GS 1xsBQdieqiJ66NOalf6uQ6STRxu6A3bwAAAMEA1Hjetdy+Zf0xZTkqmnF4yODqpAIMG9Um j3Tcjs49usGlHbZb5yhySnucJU0vGpRiKBMqPeysaq
GC47Ju/qSlyHnUz2yRPu+kvjFw19 keAmlMNeuMqgBO0guskmU25GX4O5Umt/IHqFHw99mcTGc/veEWIb8PUNV8p/sNaWUckEu9 M4ofDQ3csqhrNLlvA68QRPMaZ9bFgYjhB1A1pGxOmu9Do+LNu0qr2/GBcCvYY2kI4GFINe bhFErAeoncE3vJAAAACXJvb3RAbWV0YQE=
-----END OPENSSH PRIVATE KEY----- -
This post is deleted!
-
I noticed that there are a bunch of newlines in the key. Is that from you pasting it into the forum post, or are they original to your key?
-
It's from pasting in the forum. In my key file are no newlines.
After some contemplation of this issue I found the following article
how-to-convert-openssh-to-ssh2Might be that I have to convert it somehow to a standard ssh format in order to log into the machine.
ssh-keygen -e -f path/to/opensshprivate.key > path/to/ssh2privatekey/ssh2privatekey
So I tried to use the formula mentioned in the article to no avail.
ssh-keygen -e-f /home/user/id_rsa > /home/user/standardsshkey.txt
Load key "/home/user/id_rsa": invalid formatGuess the Meta machine at HTB keeps the user flag heavily guarded...