VishwaCTF-22 => John the rocker (Cryptography)
Challenge Info
Description: None
Files: https://github.com/shriyanss/VishwaCTF-22/blob/main/idrsa.id_rsa.docx
Solution
This is an easy cryptography challenge. We are given a file, which is an SSH private key. So the most probable next steps are:
- Get an SSH server
- Crack the key
As the name suggests, we should use John the Ripper (a hash-cracking tool) to crack this. After googling it, I found the following article: https://null-byte.wonderhowto.com/how-to/crack-ssh-private-key-passwords-with-john-ripper-0302810/. So I followed the steps it describes.
First of all, download the ssh2john Python script from GitHub:
~$ wget https://raw.githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/ssh2john.py
Now, get the hash for the key using ssh2john:
~$ python3 ssh2john.py idrsa.id_rsa.docx > hash
Now the hash is written to a file named “hash”. The next step is to crack it.
A quick refresher on what a hash is: see Wikipedia
By default, our wordlist is rockyou.txt. In Kali Linux and Parrot OS it is located at “/usr/share/wordlists/rockyou.txt.gz” (you have to extract it before using it).
Now crack the hash:
~$ john --wordlist=/usr/share/wordlists/rockyou.txt hash
Here, we’ve successfully cracked the hash. Since our flag format is “vishwaCTF{secret}”, our flag is “vishwaCTF{!!**john**!!}”
Takeaways
- If you find SSH keys on web servers, try to crack them; you can report this.