Hack The Box OSINT Breach Challenge Writeup

Hack The Box Breach challenge is one of the challenges I recently completed. The Breach is as well an easy challenge like other challenges in the OSINT section.

The challenge comes with a zipped folder, that contains there files. A txt file (public-data-breach.txt) with a list of ids, first_name, last_name, email, gender,ip_address, password, a subfolder contains document says key.docx which is password locked, and a job posting letter that has an email id.

My initial thoughts ware like, somting to do with web designing and a website. The job posting decoment gave me a hint about the domain name, however the domain is not registered, so I procced to check the twitter account @supersecstartup.

From the twitter page I found couple of SuperSecureStartuo’s employees. I searched them in the data breach list, I found the HR staff Bianka Phelps’ email and password.

17620,Bianka,Phelps,b.phelps@supersecurestartup.com,Female,126.204.123.232,"Love!July2018"

I thought I can use this password to unlock the key file, but the password isnt accepted. A small hint in the forum helped me to guess the password.

The password I found in the breached list is "Love!July2018" , the key.docx file modified date is 23.03.2019 – how about changing the password to Love!March2019

And it worked!! – The file has an Encrypted SSH Key for root user. SFRCe1A0c3N3MHJkX0JyM2FjaDNzX0M0bl9CM19BX1RyM2FzdXIzX1Ryb3YzXzBmX0luZjBybWF0aTBufQ==

Its a base64 encoading, so I used CyberChef to decode the key

Flag: HTB{P4ssw0rd_Br3ach3s_C4n_B3_A_Tr3asur3_Trov3_0f_Inf0rmati0n}

Navin

Hey there, I'm Navin, a passionate Info-Sec enthusiast from Bahrain. I started this blog to share my knowledge. I usually write on HackTheBox machines and challenges, cybersecurity-related articles and bug-bounty. If you are an HTB user and like my articles, please respect here: Profile: https://www.hackthebox.eu/nav1n

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Sorry, that action is blocked.