Carpediem - HTB [Discussion]
(June 26, 2022, 02:26 PM)lnf02 Wrote:
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?
$2b$10$CSRmXjH/psp9DdPmVjEYLOUEkgD7x8ax1S1yks4CTrbV6bfgBFXqW
$2b$10$nNoQGPes116eTUUl/3C8keEwZAeCfHCmX1t.yA1X3944WB2F.z2GK
$2b$10$imwoLPu0Au8LjNr08GXGy.xk/Exyr9PhKYk1lC/sKAfMFd5i3HrmS
$2b$10$n4yEOTLGA0SuQ.o0CbFbsex3pu2wYr924cKDaZgLKFH81Wbq7d9Pq
$2b$10$qZ64GjhVYetulM.dqt73zOV8IjlKYKtM/NjKPS1PB0rUcBMkKq0s.


The passwords are hashed in Bcrypt, don't try to crack them, try updating the password for the user with most privileges through MongoDB (using mongosh and chisel)


Is there anything interesting to do in there for root?
Reply
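The hash-type question above is answered by the modular crypt prefix: `$2b$10$` is bcrypt, variant 2b, cost 10. As an added example (not part of any post in this thread), this classifier reads those fields from a stored hash so a credential store can be audited for scheme and work factor; `MIN_COST`, the function name and the sample string are assumptions made for the example.

```python
import re

# bcrypt modular-crypt layout: $<variant>$<cost>$<22-char salt><31-char digest>
_B64 = r"[./A-Za-z0-9]"
BCRYPT_RE = re.compile(
    rf"^\$(2[abxy]?)\$(\d{{2}})\$({_B64}{{22}})({_B64}{{31}})$"
)

# Other common crypt(3) prefixes, for triage of mixed credential stores.
OTHER_PREFIXES = {
    "$1$": "md5crypt",
    "$5$": "sha256crypt",
    "$6$": "sha512crypt",
    "$argon2id$": "argon2id",
}

MIN_COST = 12  # assumed policy floor for this example; tune to your hardware


def classify(stored: str) -> dict:
    """Identify a stored password hash and report bcrypt parameters."""
    m = BCRYPT_RE.match(stored)
    if m:
        variant, cost = m.group(1), int(m.group(2))
        return {
            "scheme": "bcrypt",
            "variant": variant,
            "cost": cost,
            "iterations": 2 ** cost,  # key-setup rounds grow as 2^cost
            "salt": m.group(3),
            "below_policy": cost < MIN_COST,
        }
    for prefix, name in OTHER_PREFIXES.items():
        if stored.startswith(prefix):
            return {"scheme": name}
    return {"scheme": "unknown"}


# Constructed sample (not a real hash): same $2b$10$ shape as in the thread.
SAMPLE = "$2b$10$" + "CONSTRUCTEDsaltVALUE.." + "constructedDIGESTnotArealHASH.."

if __name__ == "__main__":
    print(classify(SAMPLE))
```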
(June 26, 2022, 02:53 PM)Erik Wrote:
(June 26, 2022, 02:26 PM)lnf02 Wrote:
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?


The passwords are hashed in Bcrypt, don't try to crack them, try updating the password for the user with most privileges through MongoDB (using mongosh and chisel)


Is there anything interesting to do in there for root?

You have the user flag ?
Reply
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?

This worked for me:
python -c "import bcrypt; print(bcrypt.hashpw('password'.encode(), bcrypt.gensalt(rounds=10)))"

Then on MongoSH:
db.getCollection("accounts").update({_id: },{$set :{"password":"}});
Reply
(June 26, 2022, 02:59 PM)fironeDerbert Wrote:
(June 26, 2022, 02:53 PM)Erik Wrote:
(June 26, 2022, 02:26 PM)lnf02 Wrote:
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?


The passwords are hashed in Bcrypt, don't try to crack them, try updating the password for the user with most privileges through MongoDB (using mongosh and chisel)


Is there anything interesting to do in there for root?

You have the user flag ?


I did. Anyone has a hint about root ?
Reply
(June 26, 2022, 03:07 PM)Erik Wrote:
(June 26, 2022, 02:59 PM)fironeDerbert Wrote:
(June 26, 2022, 02:53 PM)Erik Wrote:
(June 26, 2022, 02:26 PM)lnf02 Wrote:
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?


The passwords are hashed in Bcrypt, don't try to crack them, try updating the password for the user with most privileges through MongoDB (using mongosh and chisel)


Is there anything interesting to do in there for root?

You have the user flag ?


I did. Anyone has a hint about root ?


Drop the hint about user
Reply
(June 26, 2022, 02:53 PM)Erik Wrote:
(June 26, 2022, 02:26 PM)lnf02 Wrote:
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?


The passwords are hashed in Bcrypt, don't try to crack them, try updating the password for the user with most privileges through MongoDB (using mongosh and chisel)


Is there anything interesting to do in there for root?


If you don't do that, you won't have access to Trudesk. Therefore you won't get the "hint" regarding the new user being created, with the password on the voicemail...
Reply
(June 26, 2022, 03:07 PM)Erik Wrote:
(June 26, 2022, 02:59 PM)fironeDerbert Wrote:
(June 26, 2022, 02:53 PM)Erik Wrote:
(June 26, 2022, 02:26 PM)lnf02 Wrote:
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?


The passwords are hashed in Bcrypt, don't try to crack them, try updating the password for the user with most privileges through MongoDB (using mongosh and chisel)


Is there anything interesting to do in there for root?

You have the user flag ?


I did. Anyone has a hint about root ?

We are not at this step yet, tell us how you did so we'll work on root together...
Reply
(June 26, 2022, 03:20 PM)lnf02 Wrote:
(June 26, 2022, 02:53 PM)Erik Wrote:
(June 26, 2022, 02:26 PM)lnf02 Wrote:
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?


The passwords are hashed in Bcrypt, don't try to crack them, try updating the password for the user with most privileges through MongoDB (using mongosh and chisel)


Is there anything interesting to do in there for root?


If you don't do that, you won't have access to Trudesk. Therefore you won't get the "hint" regarding the new user being created, with the password on the voicemail...

Technically you don't need access to trudesk, you can just read everything from the mongodb itself.

Finally was able to listen to the voicemail which contains the creds
Reply
(June 26, 2022, 03:27 PM)langetmama11 Wrote:
(June 26, 2022, 03:20 PM)lnf02 Wrote:
(June 26, 2022, 02:53 PM)Erik Wrote:
(June 26, 2022, 02:26 PM)lnf02 Wrote:
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?


The passwords are hashed in Bcrypt, don't try to crack them, try updating the password for the user with most privileges through MongoDB (using mongosh and chisel)


Is there anything interesting to do in there for root?


If you don't do that, you won't have access to Trudesk. Therefore you won't get the "hint" regarding the new user being created, with the password on the voicemail...

Technically you don't need access to trudesk, you can just read everything from the mongodb itself.

Stuck at the VOIP part since I can't seem to get Zoiper to work


Well then you're right there, making Zoiper work is the last step before user. It took a couple tries for me as well.
Reply
(June 26, 2022, 03:27 PM)langetmama11 Wrote:
(June 26, 2022, 03:20 PM)lnf02 Wrote:
(June 26, 2022, 02:53 PM)Erik Wrote:
(June 26, 2022, 02:26 PM)lnf02 Wrote:
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?


The passwords are hashed in Bcrypt, don't try to crack them, try updating the password for the user with most privileges through MongoDB (using mongosh and chisel)


Is there anything interesting to do in there for root?


If you don't do that, you won't have access to Trudesk. Therefore you won't get the "hint" regarding the new user being created, with the password on the voicemail...

Technically you don't need access to trudesk, you can just read everything from the mongodb itself.

Stuck at the VOIP part since I can't seem to get Zoiper to work


Well, you are right, you can read all from the DB itself, but it's better from the page :D 

I'm also struggling with Zoiper...
Reply

