Web
Nmap discovered a web server on the target port 80
The running service is nginx 1.18.0
Webroot
The footer indicates that the web application is a Flask app, written in Python
The NAV bar in the header shows 3 buttons leading to difference resources
While the About button doesn’t appear to provide any valuable information, the Contact Button leads to an interesting page
Contact page suggests to submit an encrypted text.
guide is also available
While this page provides a demo for PGP encryption/decryption, there is also a link to the organization’s public PGP key at /pgp
GPG
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ curl -s --insecure https://ssa.htb/pgp -o ssa.publicDownloading the public key
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ gpg --import ssa.public
gpg: key C61D429110B625D4: public key "SSA (Official PGP Key of the Secret Spy Agency.) <atlas@ssa.htb>" imported
gpg: Total number processed: 1
gpg: imported: 1Importing the public key using gpg
When importing a PGP key, the additional information that may come along with the public key includes:
- User ID: The owner’s name and email address for identification.
- Key ID: A short identifier derived from the public key.
- Key Fingerprint: A unique cryptographic hash of the public key.
- Key Revocation Certificate: A file to mark the key as revoked.
- Signatures: Additional signatures from other users to establish trust. Verifying the authenticity and trustworthiness of the key and associated information is important for secure communication.
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ gpg -k
/home/kali/.gnupg/pubring.kbx
-----------------------------
pub rsa4096 2023-05-04 [SC]
D6BA9423021A0839CCC6F3C8C61D429110B625D4
uid [ unknown] SSA (Official PGP Key of the Secret Spy Agency.) <atlas@ssa.htb>
sub rsa4096 2023-05-04 [E]The imported public key is now available for use
Notice the username; atlas
Encryption
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ gpg --encrypt --recipient atlas@ssa.htb test.txt
gpg: 6BB733D928D14CE6: There is no assurance this key belongs to the named user
sub rsa4096/6BB733D928D14CE6 2023-05-04 SSA (Official PGP Key of the Secret Spy Agency.) <atlas@ssa.htb>
primary key fingerprint: D6BA 9423 021A 0839 CCC6 F3C8 C61D 4291 10B6 25D4
subkey fingerprint: 4BAD E0AE B5F5 5080 6083 D5AC 6BB7 33D9 28D1 4CE6
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N) yThis is the most standard form of PGP encryption to secure a file.
Only the recipient who presumably generated both the public and private key is able to decrypt the file, test.txt, as PGP uses asymmetric cryptography
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ ll
total 20K
4.0k -rw-r--r-- 1 kali kali 619 jun 28 14:55 test.txt.gpg
4.0k drwxr-xr-x 2 kali kali 4.0k jun 28 14:55 .
4.0k -rw-r--r-- 1 kali kali 24 jun 28 14:54 test.txt
4.0k -rw-r--r-- 1 kali kali 3.2k jun 28 14:11 ssa.public
4.0k drwxr-xr-x 106 kali kali 4.0k jun 28 13:29 ..
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ file test.txt.gpg
test.txt.gpg: PGP RSA encrypted session key - keyid: 6BB733D9 28D14CE6 RSA (Encrypt or Sign) 4096b .
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ cat test.txt.gpg
�
��iQQ��̔����j�*�N��Ǫ��+����G�)��W�K��P��4U�d�^�����a#)I%$���2{�(g��^�����,�PbBL-Dz�I�W�
%�7�
��k��s
�`�#�_�Y�2%qbY��Z�K4D�
tn.MH�5=�Q�
�w����]�����$�7�οP� �,������tf�J/��"�o5w/_�6ig�ƩM����cs�}�y�w�Kf����@��"Ŷ�ͳ��a � �v���.*���Y
��m�ܺ7>��bn���,��.��4 �8�w@�:<��U���
�6���������gjh�� �v����Piv������� >,��thA��6����5�^����Z"m!gȽ|YQW#r�8�h��0�r!�Em�]b�]l��y�C�O<v�Rb1qif�`��2�3�c����GMdmв�ώ���IԤ��9����� It indeed generated the encrypted file, test.txt.gpg, which can not be read
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ echo 'This is a clear message' | gpg --encrypt --recipient atlas@ssa.htb
gpg: 6BB733D928D14CE6: There is no assurance this key belongs to the named user
sub rsa4096/6BB733D928D14CE6 2023-05-04 SSA (Official PGP Key of the Secret Spy Agency.) <atlas@ssa.htb>
primary key fingerprint: D6BA 9423 021A 0839 CCC6 F3C8 C61D 4291 10B6 25D4
subkey fingerprint: 4BAD E0AE B5F5 5080 6083 D5AC 6BB7 33D9 28D1 4CE6
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N) y
�
k�3�(�L��pgZ���}|�����ծ�<DM-׆�AWXy�U��U<�Y5<# [m1x5�p��{�ѝ���a��<���
0��
.e T�f|��6[�����I��L�.���u�Aw<L�
y��=!!�
�5��܅�ko2@v��ڗr�[x%4e�c�a,�u�t��]{x�f99����q����8�{����pڡ���`��$&8��d:��NR��̤�1r�)c2`%16g}��!e_pNژM�,�K�c�iA�K�B�gۥm��ʓ
��;����ĸ�T\��!%�a�����&\r'�_At�[DVr0+��e�XLWx��wvh�����N�J��5[�������X�b r�ҝ"`sQ�|�f��&B���T��q�LqS�ã��ʱ�7�N�
��6o:S]�%������y�k�!�8��Z��~�\F���L�BR
��'1��i� ��/��K��^��
Ze��������� K�Qf܃�d�VU^˓k°h'퀟�b�juo���fތ�W��U��k�{��i{R,�ܲk߇�����&[mQ�@�����nYC� I can also just encrypt a cleartext by piping it into the command However, this would result outputting the raw binary data
The web app obviously cannot process this.
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ echo 'This is a clear message' | gpg --armor --encrypt --recipient-file ssa.public
-----BEGIN PGP MESSAGE-----
hQIMA2u3M9ko0UzmAQ//VDKq3DcoYC8T0l4nfrYmDL/Ou2/Q6vVp7HjrkkBj26pl
tjwj6+uXrSDWxDsuHIHzeFAyOL5PPKFBVd1NtYwmf4ixmj3C/eZaYdckhGwsJPjC
SpFyWb6WSu5ZOTJO5YmmNMC1Yme1SmyEsjhsL2vN8l80VOkvFURF2qCmIh41bcC8
+q3d/cWFcphcuflwGZIT8CPKRtXw4cb4063jKoKy5W7iKh1EnUg/10cqmzJl/Jxg
LeTyY7PWjtuAo1hsiATZDS93EsWIb5wVS9T1DMfVITd7TVF+Dfq7QhMjCVIQZbFz
10orG3NZSa/829iRmI4WvqpTtIwFYBsvOLs0rjDCk50QMQB7M2LquVyhdimORZIR
ltUSOVb+45co95rSdaa9o/nvczuxfNKci0VF+UkBsdkCE0GIhGGch8m0+OcUl6ZR
vxkS6tXqkUyEZPDlXsw+hvhhEVVK2a+8udB1tGiqAocrq4BFWqRPX1fhtlZtKL4L
BB9ZrBss9BtwNa3IAqirCYSiclJ/eBrBAakc6rjlD5dShDLzExLxmPYCpDD9DTQS
GSAytNStgiuHZYXRNSvvSVk5jACdSJY4ISyAHTNFS5YIU5XXzRJvBi0Y8Qq8Ury3
Vs5tiK8ZB6CYoXLKuDOhMnVjqUGGC47pmDAq5kZUmEuGYMFMRU1jPBp8ekOXNlbS
UgEk7uEeophIVto9lHmzUFCM1/xvy7bW/vFyS1Lr4cRLj+JUT97cPJbnVafao7aL
RV5Kp3+kPXnvGraArqMLbRVSAcr9JeK54PiVnI+PJtlyO/s=
=GYMA
-----END PGP MESSAGE-----For that very reason, the --armor flag is used. ASCII-armoring converts the binary encrypted data into a plain text format that can be easily copied and pasted.
*This time, I used the --recipient-file flag with the organization’s public key file, ssa.public, instead of the --recipient flag *
The --recipient-file flag can be used WITHOUT importing the public key file
and this indeed works
Key Pair Generation
The --gen-key flag is used to initiate the key pair generation process in GPG, but there are additional flags and options
--quick-gen-key: Generate a key pair quickly, without interactive setup.--batch: Enable non-interactive (batch) mode for key generation.--full-gen-key: Start the interactive full key generation process.--expert: Activate expert mode during key generation.--passphrase: Set a passphrase to encrypt and protect the generated private key.--key-type: Specify the type of key to generate (RSA, DSA, ECC, etc.).--key-length: Set the desired key length in bits.--expire-date: Set an expiration date for the key.--name-real: Specify the real name of the key owner.--name-email: Specify the email address of the key owner.--name-comment: Specify a comment associated with the key.--no-default-keyring: Do not use the default keyring file.--secret-keyring: Specify the location of the secret keyring file.--keyring: Specify the location of the keyring file.--no-random-seed-file: Do not write a random seed file during key generation.--random-file: Use a specific file as a source of random data.
Keyring file in this context is not an individual key file, but is a collection of a collection of key files containing multiple keys, typically in binary format
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ gpg --gen-key
gpg (GnuPG) 2.2.40; Copyright (C) 2022 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name:
Email address: test@test.test
You selected this USER-ID:
"test@test.test"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: revocation certificate stored as '/home/kali/.gnupg/openpgp-revocs.d/CF0D525B445755119108287DAB9F22E6B2EB63EE.rev'
public and secret key created and signed.
pub rsa3072 2023-06-28 [SC] [expires: 2025-06-27]
CF0D525B445755119108287DAB9F22E6B2EB63EE
uid test@test.test
sub rsa3072 2023-06-28 [E] [expires: 2025-06-27]
The default key pair generation goes through the interactive mode to provide the necessary information, such as identifier, passphrase, name
Both the public and private key are now available for use
Export
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ gpg --export --armor test@test.test
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBGScNqMBDADcpLBqu+X8Ylik/sn79t0QVMY9cwz78wPuzyvmlWskzFaZaLAe
dmG77etXoXr0FFduBtWIq+aM1hV5NagOPC29ESk+Xg+1BrB9pEhzSTkT73QnVQv6
NU0LgV2H0fQGa2d+OVz1f97XH9OG0Wfmgd9texcmv3s491uKOlk4xDIVkx0XEOCu
zNqbebDoIsZLuKvdUn6NY1KlvtxDIjpyWu0hkRVxM6SOXkL3WjTEAPSeGe0t4gBD
CZihwF4UwFThMhDbR2NxEVGM+8sfAp4XBYbP+cM7OEHTqevoXQsChOQmc0TgmABk
uG+XYH4UQ09mAVfY/6R5C0L6VlpNH2+BCHBeVLUqDiQi9Hpd1AeIrEOWMm8XycAm
U691yQE1+NgSp6Wzclt9zpszPN2MmLt8imHA0kHaj9ubFCOg+IqitqbKyzrTs+7h
9ITxuWlP6UedfD1k3LVZ6s7fVz4eJqxaismBh6DBGpn3ODiT+jd7dZzk6SOClwE0
d4C+P17xcU8md6cAEQEAAbQOdGVzdEB0ZXN0LnRlc3SJAdQEEwEKAD4WIQTPDVJb
RFdVEZEIKH2rnyLmsutj7gUCZJw2owIbAwUJA8JnAAULCQgHAgYVCgkICwIEFgID
AQIeAQIXgAAKCRCrnyLmsutj7oV8C/9HYkR4a9ckSx/77ka6HvMfSOmCJ3jB9Z0M
l/XCTSOzD3q/1BKxgnnscZRWXjD30aHczutTnI4VgL7+FIDFutfbTYsiqB9KUsG5
b44UhvcHPmxdM7CPQEKp7pE+ix9hy6+yGsUEOAeBEcDRcqm7LARNdzUp3OiB0SWK
Aj35wbBJyvn+OoDncjpto3hJvrSiELLzRZjJW4VM6gI9qHVY0aCSGSu71Zs//+QP
LLq4npyfWmroyii28nBrH4MfG2EMqEFzFu8tvaVt8Pv8OuCwpM9BQVB2qhhjQd22
OzYfHe+zYBvZ/jB03rR8YwRKfXFX9x5JLyBuCB/GAFw7VIxl2mWW8r38/2l/80pf
xmZLDiys2QSJHaNWhlxB3GtWIfoUNlMJD4dVs3+EIj4QzyRZVOt88S6f+hltRx32
tw2QwXGyVYfHZl6Xfau/Vh7peBIw2MHsjc2ogTtL02Zg8HEaBcSAZoORlDeRHmXt
Ig5oXQyFY6cModpnPnPtdywxUhH+HZ+5AY0EZJw2owEMANAedjpKIDB71I4VRUiX
GgF8gF2/LLhmMdCgpV2o7rUfEvQc7guSIKLX6XeQQfK6GX7ydzSHxkee3mTNvtTu
5/FxvoJSobHZQLPYZXabApc5VHFtoBHpIMFBjNvcCL0QAuADbwzotKdD2IZnfVgE
KO+P2YJAhxIelZZV0nuywG0lAyCizvaLLm6S2Ilhu8I/HZ0xnOQbgar4z7bxkCXZ
h75t1UywDL0wRDKsIV9qq+Km7zlYyVB5Q+pEz7ENwQZcZktKtLnnx/v8GASuN+tC
2rb3KzXPpvQN/H/v2qEcMm11nYC1lq+23nzyDwjk9QpuFyaVfqtKLaLtJ19lQHrK
yLFIMjM5ev7IXqd/jBlk4QqROKuR0+IeK3Yl4GaV+V3+QJXjAThvfUJjVw83gBQG
GwRl9sjjY1HYeb0gOPpEzn0/XWDYY9zHG12YmwrH6nwOxlbjOsQgxJSWPzt/1G3E
ot/KS5C3b92MHJXXaAzlbbbe1G9G9ZsN7PioqdPRgY9lpwARAQABiQG8BBgBCgAm
FiEEzw1SW0RXVRGRCCh9q58i5rLrY+4FAmScNqMCGwwFCQPCZwAACgkQq58i5rLr
Y+57GQv/TsHkWn/dykKlnb/fgxqzzJZynXef47oNqMPdVM6yX4AwZ6KIpQ4QEUNj
Tn2rRtiCpDzKxuiUrvjv2571NSU0ZBkJ/BSGNe/y54NTQD0Cz+Gjn5DBaeRuzuDW
KG+Gv5XGGA+/IpKYh/wLSQntIbbnK1frCsTb/xrMHczMXMEQvuKrdJh3NFngLQ/5
+EwW9JhZ9maC7iL02oV9KJvcuTmJ6hYcxp3yFTIyIol+R5Dp77WRho0WUA17KvRi
UsyOokdNsRWYLTU27mTS5oTHYNYJ/Of4lN5tABfS9qZXLKVxCMTDLvYwDU7YtlgO
T9uqE1j059mXk/kbNSpOdf30EpMnFftxMeEDF7QBw+7T3Tb9+4ql88bQAlGn0W4p
TQWCGGbVyFyQWJRbPNMuTd0yiFIZlZ/MvShSJj32Ph4oGSIh0bmgQUvLLXPjT7nT
XqKc8B8guaSeCAf4Ug2n4AWLUN+0H/N/Js6I4vTNej2e9hBuPXmgsIgYzupdvFhA
obglhWh6
=MYYx
-----END PGP PUBLIC KEY BLOCK-----I can also export the individual public key with the --export flag followed by the identifier, test@test.test
I also provided the --armor flag for ease of delivery
I can then provide my freshly exported public key to the organization and I get an encrypted message
I will save that encrypted message to a file, msg.enc
Decryption
I get prompted for password
and the decrypted message is revealed.
As the message suggests to learn signing and verifying, I will go over those
Signature & Verification
A digital signature certifies and timestamps a document. If the document is subsequently modified in any way, a verification of the signature will fail, thus, assuring the integrity and authenticity of a file. It is generated using the signer’s private key, creating a unique digital fingerprint of the file’s contents.
Creating and verifying signatures uses the public/private keypair in an operation different from encryption and decryption. A signature is created using the private key of the signer. The signature is verified using the corresponding public key.
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ echo "A signiture ensures the integrity and authenticity of a file" > sign.txt I will first create an arbitrary txt file to work with
There are 3 different signatures
--sign--clear-sign--detach-sign
--sign
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ gpg --output sign.sig --sign sign.txt
The document is compressed before being signed, and the output is in binary format. (--armor flag can be invoked to keep it in the ASCII format)
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ ls
sign.sig
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ gpg --verify sign.sig
gpg: Signature made Wed 28 Jun 2023 06:28:05 PM CEST
gpg: using RSA key CF0D525B445755119108287DAB9F22E6B2EB63EE
gpg: Good signature from "test@test.test" [ultimate]Given a signed document, I can either check the signature (--verify)
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ gpg --output sign.txt --decrypt sign.sig
gpg: Signature made Wed 28 Jun 2023 06:28:05 PM CEST
gpg: using RSA key CF0D525B445755119108287DAB9F22E6B2EB63EE
gpg: Good signature from "test@test.test" [ultimate]
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ ls
sign.sig sign.txt
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ cat sign.txt
A signiture ensures the integrity and authenticity of a fileor check the signature and recover the original document with--output and --decrypt
--clear-sign
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ gpg --output sign.sig --clear-sign sign.txt ; cat sign.sig
-----BEGIN PGP SIGNED MESSAGE-----
hash: SHA512
A signiture ensures the integrity and authenticity of a file
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEEzw1SW0RXVRGRCCh9q58i5rLrY+4FAmScW68ACgkQq58i5rLr
Y+4K1wv/ceG5PYQF7Un2wgnvB7jLigOIpuqAdhiMaCYQpHyHu67VWxp5uBNZrBSF
UBzwHswsvr1E06i1CUDddcrZi3FhJyQYyCUJaCMHmOnTJ5xMOjhk784gDc6shkY9
rJBTI1Y134eSpjTQKgy17KwIrovHhQwhM7uwL+11E8TgtQ3Vu+SadOTDloRUO2g9
tHxW5RuF9oyzmLCr28hVviBz0u1r7lpK+gxQrp43pks6gzOuHeJPWP1kgojD8z1c
ycyUqdB4aSt5lSJDw8B2s6COuTH9PgdSXCwFhoEl4KFU+EBuXZNeg7BYyBSI+Hs3
zdZF8l4t5dzmAdKDkOwKqyxC+By1P40y8Omi08zemK/HyBjxkdYp3E3zN4sFgcvj
cCTKgetaun8ziCjCEM4E6ZQKwyVxH4waKr+3+wDRcbhXiV4uniZp7ObPBg8gx5hm
EK/+IV16ANyC1LbGi71rVhmK/AGSlqaN2hheiVqPVKvYQTJygUlmR0IFr8Sbclj9
SiRM7auF
=EwyF
-----END PGP SIGNATURE-----A common use of digital signatures is to sign usenet postings or email messages. In such situations it is undesirable to compress (binary) the document while signing it. The --clear-sign flag causes the document to be wrapped in an ASCII-armored signature (much like --armor) but otherwise does not modify the document.
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ gpg --output sign.sig --clear-sign sign.txt ; rm sign.txt
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ ll
total 12K
sign.sig
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ gpg --verify sign.sig
gpg: Signature made Wed 28 Jun 2023 06:25:16 PM CEST
gpg: using RSA key CF0D525B445755119108287DAB9F22E6B2EB63EE
gpg: Good signature from "test@test.test" [ultimate]Given a signed document, I can either check the signature with the --verify flag
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ gpg --output sign.txt --decrypt sign.sig
gpg: Signature made Wed 28 Jun 2023 06:25:16 PM CEST
gpg: using RSA key CF0D525B445755119108287DAB9F22E6B2EB63EE
gpg: Good signature from "test@test.test" [ultimate]
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ ls
sign.sig sign.txt
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ cat sign.txt
A signiture ensures the integrity and authenticity of a fileor check the signature and recover the original document with --output and --decrypt
The verification shows my email
Given the fact that the web application is built on Flask, SSTI might be possible
--detach-sign
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ gpg --output sign.sig --detach-sign sign.txt ; rm sign.txtA signed document has limited usefulness. Other users must recover the original document from the signed version, and even with clear-signed documents, the signed document must be edited to recover the original. Therefore, there is a third method for signing a document that creates a detached signature, which is a separate file. A detached signature is created using the --detach-sign flag
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ ll
total 12K
4.0K drwxr-xr-x 2 kali kali 4.0K Jun 28 18:18 .
4.0K -rw-r--r-- 1 kali kali 438 Jun 28 18:17 sign.sig
4.0K drwxr-xr-x 3 kali kali 4.0K Jun 28 18:17 ..
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ gpg --verify sign.sig
gpg: no signed data
gpg: can't hash datafile: No dataUnlike the other 2 signing flags above, the original document and the signature file is required for verification
┌──(kali㉿kali)-[~/…/htb/labs/sandworm/test]
└─$ gpg --verify sign.sig ../sign.txt
gpg: Signature made Wed 28 Jun 2023 06:17:35 PM CEST
gpg: using RSA key CF0D525B445755119108287DAB9F22E6B2EB63EE
gpg: Good signature from "test@test.test" [ultimate]Due to the nature of how it operates, recovery of the original file is not possible. Only the verification.
ssa Verification
I can verify and recover the message
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ nano ssa.sig
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ gpg --output ssa.txt --decrypt ssa.sig
gpg: Signature made Thu 04 May 2023 06:13:47 PM CEST
gpg: using RSA key D6BA9423021A0839CCC6F3C8C61D429110B625D4
gpg: Good signature from "SSA (Official PGP Key of the Secret Spy Agency.) <atlas@ssa.htb>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
primary key fingerprint: D6BA 9423 021A 0839 CCC6 F3C8 C61D 4291 10B6 25D4
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ cat ssa.txt
This message has been signed with the official SSA private key.
Import our public key linked above into your keychain and use your favorite program to verify this message. PGP signatures are the only reliable way to verify someone's identity within Cyberspace, and ensure secure and private communication between two parties.
Knowing how to Encrypt/Decrypt messages, as well as verifying them is an imperative skill if you wish to conduct yourself securely, without any prying eyes on you.
Make sure you use verified, open-source programs such as KGpg, Kleopatra, OpenPGP, etc.
And finally, rule number one in asymmetric encryption is to keep your PRIVATE key safe. It is for your eyes only.
SSAbravo
Fuzzing
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ ffuf -c -w /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt -u https://ssa.htb/FUZZ -ic -e .txt,.php,.html
________________________________________________
:: Method : GET
:: URL : https://ssa.htb/FUZZ
:: Wordlist : FUZZ: /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt
:: Extensions : .txt .php .html
:: Follow redirects : false
:: Calibration : false
:: Timeout : 10
:: Threads : 40
:: Matcher : Response status: 200,204,301,302,307,401,403,405,500
________________________________________________
contact [Status: 200, Size: 3543, Words: 772, Lines: 69, Duration: 310ms]
about [Status: 200, Size: 5584, Words: 1147, Lines: 77, Duration: 310ms]
login [Status: 200, Size: 4392, Words: 1374, Lines: 83, Duration: 367ms]
view [Status: 302, Size: 225, Words: 18, Lines: 6, Duration: 324ms]
admin [Status: 302, Size: 227, Words: 18, Lines: 6, Duration: 324ms]
guide [Status: 200, Size: 9043, Words: 1771, Lines: 155, Duration: 394ms]
pgp [Status: 200, Size: 3187, Words: 9, Lines: 54, Duration: 498ms]
logout [Status: 302, Size: 229, Words: 18, Lines: 6, Duration: 392ms]
process [Status: 405, Size: 153, Words: 16, Lines: 6, Duration: 337ms]
:: Progress: [882188/882188] :: Job [1/1] :: 263 req/sec :: Duration: [1:13:10] :: Errors: 0 ::ffuf found a few resources
There is the login page.
Both view and admin are locked behind the login page
process is rather interesting as it returned with the code 405
Login
While I don’t have any credential, I will try to see how the web handles the request
that’s likely the flask session token
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ flask-unsign --decode --cookie 'eyJfZnJlc2giOmZhbHNlfQ.ZJxy9g.LLbP3KFXlZnwgihTEbGSX4JD8Zo'
{'_fresh': False}flask-unsign decoded the session token
┌──(kali㉿kali)-[~/archive/htb/labs/sandworm]
└─$ flask-unsign --wordlist /usr/share/wordlists/rockyou.txt --unsign --cookie 'eyJfZnJlc2giOmZhbHNlfQ.ZJxy9g.LLbP3KFXlZnwgihTEbGSX4JD8Zo' --no-literal-eval
[*] session decodes to: {'_fresh': False}
[*] Starting brute-forcer with 8 threads..
[!] Failed to find secret key after 14344392 attempts.ndI tried brute-forcing the session cookie but failed.