Return to forum

skyweasel · March 19, 2022 at 11:42 PM

Anyone got hash or ssh for this, cant be bothered with spinning up an apk emulator

john2 · March 20, 2022 at 2:11 AM

you must run the app in emulator and intercept the request with burp , once did that you will find RCE which allow you to add your ssh public key to authorized keys then connect with private keys , if this help give me rep , if you still stuck pm

skyweasel · March 22, 2022 at 8:09 AM

(March 20, 2022, 02:11 AM)john2 Wrote: you must run the app in emulator and intercept the request with burp , once did that you will find RCE which allow you to add your ssh public key to authorized keys then connect with private keys , if this help give me rep , if you still stuck pm

Dramas with visualizing the APK and capturing that request. Went all in, set up mobsf with dynamic analysis, grabbed the endpoint its talking to but nothing past that .

Edit - ah got it. Thx for the nudge

Hallagui0 · March 22, 2022 at 10:45 AM

Good’s

DvDr_SF · March 22, 2022 at 9:04 PM

This can help:
https://0xdedinfosec.vercel.app/posts/hackthebox-routerspace-writeup

skyweasel · March 23, 2022 at 6:44 AM

(March 22, 2022, 09:04 PM)DvDr_SF Wrote: This can help:
https://0xdedinfosec.vercel.app/posts/hackthebox-routerspace-writeup

Thx saw this too! - the APK part was the painful bit, rest was easy.

DvDr_SF · March 23, 2022 at 8:54 PM

(March 23, 2022, 06:44 AM)skyweasel Wrote:
(March 22, 2022, 09:04 PM)DvDr_SF Wrote: This can help:
https://0xdedinfosec.vercel.app/posts/hackthebox-routerspace-writeup

Thx saw this too! - the APK part was the painful bit, rest was easy.

I do it by myself ....It takes 3 hours only to start anbox without error :(

K4tup · April 18, 2022 at 5:55 PM

(March 22, 2022, 09:04 PM)DvDr_SF Wrote: This can help:
https://0xdedinfosec.vercel.app/posts/hackthebox-routerspace-writeup

thanks