100 Days of Hacking — Day 11
What’s up fellow hackers! it’s day 11 of the 100daysofhacking challenge.
Objectives of day 11 :
- What’s the big deal about ssh key cracking and how to do it with john the ripper
- Try hacking a tryhackme room (okay poor technical joke there)
Reports of day 11 :
https://linuxconfig.org/ssh-password-testing-with-hydra-on-kali-linux
https://bughacking.com/how-to-crack-ssh-private-key-with-john-the-ripper/
These were the resources I referred to and provided a great deal of my understanding of SSH keys. I am learning these stuff just now :”) whereas I’ve been using these id_rsa keys for a long time (2 months or so).
Now I tried this room https://tryhackme.com/room/gamingserver
It has ssh2john in it’s label so I chose this one.
Eureka moment : My script for CTF automation is working honestly it was just a few minutes and I grabbed the user.txt
The privilege escalation part was a bit tough and I couldn’t do it. It was a new topic and I thought I should spend separate time on that.
It was about lxd group containers which is used to mount root folder on host machine.
Back to this bible where lxd/lxc privilege escalation is explained well. Anyways I watched this and the concept became clearer https://www.youtube.com/watch?v=7x4gwV632o0
sbin/shutdown(day11)
