Remoteaccess

We recently compromised one of the SMB shares connected to a criminal organisation's network,
and would you believe we have found some SSH keys on there; I thought I'd give you one of them to
have a go at cracking.

I've attached the private key file below for you, could you let us know the passphrase tied to the
key?

If you're not sure where to start, get Googling! You might be able to do this (reasonably) quickly.

This might help you. [https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt]

If you can get this for us, we might be able to compromise another one of their servers by
connecting right to it via SSH!

Note: You've got 5 attempts at this so be confident you've found the passphrase before inputting
your answer!

Expected flag format: sshKeyPassphrase

The SSH key file can be found in the assets folder.

A full SSH cracking guide can be found here, I will highlight the steps that I had to take:

  1. wget https://raw.githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/ssh2john.py

  2. python3 ssh2john.py ssh_key.txt > ssh_key.hash

    The hash can be found here.

  3. john --wordlist=rockyou.txt ssh_key.hash