Nice Warm Slice of Cranberry Pi
After helping Josh and Jessica solve Santa’s Tweets, and gleaning information from the apk file that was in the zip file, in the game, quest2016.holidayhackchallenge.com, the players go through Santa’s magic bag to get to the North Pole. Holly Evergreen is the first elf that one sees after coming through Santa’s bag to reach the North Pole. She’s a little confusing-stating that pieces of Santa’s sleigh fell to the ground, and asking the player to help find them. None of the elves gave pieces of the sleigh to the player.
Once a player finds a piece of the Cranberry Pi, Holly says: "Wow, that looks like a piece of the Cranberry Pi! The Cranberry Pi is Santa's invention. It's a tremendously useful device that is used to access terminals throughout the North Pole Wonderland. Do you think you can find all 5 pieces of the Cranberry Pi?"
Cranberry Pi Pieces & Locations
Elf House 1-Secret Fireplace
Elf House 2-Upstairs
Heatsink
North Pole-Near the Snowman & Music Machine
Power Cord
North Pole-Near Santa’s Workshop-Left-On the Boardwalk
Holiday (SD) Card
Santa’s Workshop
HDMI Cable-Behind the left reindeer
After the pieces are found, the player has to return to Holly Evergreen. She asks the player to find the password in the Cranberry Pi. She gives the player a copy of the Cranberry Pi image.
Mount SD Card
The player has to find out how to mount the image outside of the game, on their own computer. A tutorial about how to mount a similar OS, called Raspbian, which is a form of Jesse Linux, is found on the SANS Pen Testing Blog.
Following the directions in the blog, the commands would be:
fdisk -l cranbian-jessie.img
This shows the information about the image needed in order to mount it. The relevant information is the
sector size of 512 bytes, and the start sector of the linux portion of the image, which is 137216.
sector size of 512 bytes, and the start sector of the linux portion of the image, which is 137216.
In order to mount the device, one needs to make a directory to mount it in.
mkdir mnt = This creates a directory named mnt.
Next, one may mount the image to view its contents.
mount -v -o offset=((137216*512)) -t ext4 cranbian-jessie.img mnt/
The mount command mounts a file system. The -v flag gives verbose output. The -o flag means to use the
specified options, in this case, an offset is given to show mount where the desired operating system begins.
The -t flag is the type of file system, in this case, ext4. cranbian-jessie.img is the image that needs to be
mounted. mnt is the directory where the image will be mounted.
specified options, in this case, an offset is given to show mount where the desired operating system begins.
The -t flag is the type of file system, in this case, ext4. cranbian-jessie.img is the image that needs to be
mounted. mnt is the directory where the image will be mounted.
When looking for a password on any Linux device, the first place to look should be where they are usually
stored, the etc/ folder. One should make certain that they are looking at the etc folder for the cranbian image
and not their linux box. It’s suggested to cd etc from the mnt directory.
stored, the etc/ folder. One should make certain that they are looking at the etc folder for the cranbian image
and not their linux box. It’s suggested to cd etc from the mnt directory.
cd etc
Note: There is not a slash before etc. One wants it in relation to the mnt directory, not the root directory.
Now cat the shadow file, which shows the users and password hashes on a Linux machine.
cat shadow
Copy the cranpi hash and then paste it into a text editor. One may notice from the $6$ that
it is a SHA512crypt hash.
getting passwd and shadow files.*
Crack Cranberry Pi Password
The elf, Minty Candycane gives the clue about how to crack the password.
Use John to crack the password.
john ./cranberrypipassword --wordlist=rockyou.txt
The password is “yummycookies”.
Talk to Holly Evergreen again. She goes through her entire conversation from before, then asks for the password to the Cranberry Pi device. Type it in. Now one should have access to all of the terminals.
Talk to Holly Evergreen again. She goes through her entire conversation from before, then asks for the password to the Cranberry Pi device. Type it in. Now one should have access to all of the terminals.
No comments:
Post a Comment