Challenge "Heartbleed — Part 2"  

  By: admin on Aug. 28, 2014, 2:34 p.m.

This challenge is based on the Heartbleed bug in OpenSSL discovered in April 2014. Attack a server which is specifically prepared to be vulnerable to the Heartbleed bug. Please note that it is necessary to solve Part 1 first.

!!! We had to take off this challenge, as our firewall doesn't allow flawed servers any more -- even if this flaw was offered by will for training and within a sandbox. !!!

Re: Challenge  

  By: Bart13 on Sept. 2, 2014, 1:48 p.m.

I have no idea what the cryptographic part in this challenge is.
To me it seems a hacking challenge, but still worthwhile.

I managed to solve Part 1, but I'm stuck at Part 2.
When I took another look at my downloaded data (approximately 10 Mb) I found some interesting part:

root:ao1Hg5icobt1hhakx (I scambled this a little) - root [29/Aug/2014:18:58:44 +0200] "GET /pDTvHuoAhZ655UScllNHyw/ HTTP/1.1" 401 194 "-" "Wget/1.13.4 (linux-gnu)"

To me that seemed the root password but it was not accepted.

When I did another run of the heartbleed tool I found on the internet I downloaded 25 Mb of data and nowhere I found this reference to root.
This seems strange to me.

Is this a bug or is the challenge working correctly?
I would like to know because I'm not about to spend any more time on this challenge if there is something wrong with it.

Unfortunately this seems to be more the rule than the exception of late……

Re: Challenge  

  By: Veselovský on Sept. 2, 2014, 3:24 p.m.

To me that seemed the root password but it was not accepted.

You can find several (root) passwords in the received data. Try all of them and one should be correct.

Re: Challenge  

  By: Bart13 on Sept. 3, 2014, 9:20 a.m.

Got it. The root password changes after some time.

Re: Challenge  

  By: wackerao on Sept. 3, 2014, 3:38 p.m.

As mentioned on the last page of the challenge-pdf, this challenge is not a cryptographic one but a "hacking" one (nevertheless, the bug was in the implementation of a cryptographic library).

In contrast to many of the existing cryptanalysis algorithms, the real world is "messy" and by far not so straight forward. Often, there is trial-and-error involved, since an attacker can simply not know all the interna of the attacked server.

This is also the case for this challenge. In the background, there are many users trying to login – some of them with correct and some of them with wrong passwords. These are the users from MTC3, but also some automated ones. When exploiting the heartbleed bug you see all of this data, which of course can confuse an attacker. However, it is the way how a server, or more specifically the heartbleed exploit, works. With other words, the challenge is working exactly as intended and exactly as it would be on a real server.

Solving a challenge is not only about "blindly" applying tools, but also about gaining some knowledge about what kind of danger a certain weakness (here software bug, otherwise cryptographic weaknesses) poses and what exactly can or can not be done with it. Therefore, please don't judge to quickly about "wrong" challenges – all the problems you are seeing are real ones when exploiting the heartbleed bug. You should not expect, that an attacked server will serve you willingly his most secret data in a nicely formated way and also provide the answer to all questions. What can or can not be known by the attacker, solely depends on the used exploit.

Re: Challenge  

  By: Veselovský on Sept. 3, 2014, 4:02 p.m.

What I was writing about in part1 forum was that it is confusing for solver that when you try to login with random password you will see this:
"Just kidding. Did you really think it was THAT easy? ;) This page is just a dummy page."

And what you will see, when you try to login with the Alice's password you discovered from leaked data?
You again see this:
"Just kidding. Did you really think it was THAT easy? ;) This page is just a dummy page."

So how could I know, that you want this password as a codeword for part 1, when I saw "Did you really think it was THAT easy?". I automatically assumed that the found password was not the correct codeword to submit.

I had the correct password long time before I even tried to submit it just because I considered it not to be the right codeword.

Re: Challenge  

  By: kiekuk on April 17, 2015, 6:43 p.m.


I have a little problem. I found 10 passwords, but they are all incorrect. How many I need to find until I found the right one?

I search in a File with 78 MByte and can't find another passwords. Can anybody help me?

Best regards

Re: Challenge  

  By: Robert Kosten on Jan. 3, 2017, 9:44 a.m.

Hi, I'm stuck here as well. I have extracted [HTML_REMOVED]htaccess[HTML_REMOVED] passwords for half a day now and got a list of eleven distinct ones. Since none of them work for level 2 ([HTML_REMOVED]or 3, the url for that is easy to come across[HTML_REMOVED]) I assume they are all simply other users/bots trying (and obviously feeding back their false passwords, keeping the cycle alive) and none are an automated "correct" script, like there was in level 1 (There is two passwords that look very much like the same "structure" used for level 1, but even they do not work on the site). Without such a "correct" script running I assume I have to extract the real password a different way. Any hints on what that may be? (Or can someone verify the "correct" script is running, maybe that process has simply exited? :-P)

Re: Challenge  

  By: wackerao on Jan. 8, 2017, 12:56 p.m.


the scripts are still running and as far as I can see, the server still bleeds correctly. :)

I restarted it (and the scripts) anyhow to make sure, we have again a consistent state.

However, the challenges you are facing are a different one. Let me give you a few hints:

  • Stage 1: The codeword for MTC3 is Alice's password, even though you cannot use this password to log on to anything on the website itself.[/*:m]
  • Stage 2: The user/password combination needed to login to stage 2 is independent from the codeword of stage 1. To be blunt, Alice cannot login to stage 2…[/*:m]
  • Stage 2: The codeword for stage 2 cannot be found anywhere in the memory dump. You need to get the correct password for 'root' (htaccess, not shell). To do so you must learn about HTTP authentication methods..[/*:m]
  • Stage 3: You need the private key from the server. Here finding the key in the memory dumps is the actual challenge. It is there, but finding it requires (a) many requests and (b) an idea of how to detect it in the memory dump. Again to be blunt, don't search for "—- BEGIN PRIVATE KEY —-" or similar. You won't find it.[/*:m][/list:u]

Hope this helps to clear the fog in the first hours of 2017. :)

Cheers, Arno

Re: Challenge  

  By: Robert Kosten on Feb. 27, 2017, 8:12 p.m.

Hi wackerao,

Thanks to this and a few PMs I have solved Parts 2 and 3 by now, thank you very, very much :-) I still had one misunderstanding to iron out, that I'd like to help clarify for other people:

I assumed "authorize as a valid user and log on" was a grammatical "and", while in fact this refers to two steps (You do mention them in your post, but my brain was too dense to get it).

Robert Kosten

Re: Challenge  

  By: hamster147 on March 2, 2018, 11:52 a.m.

Stage 1 completed successfully. For stage 2 I have gathered over 100MB of data from the server and found 10 username/password pairs, but none of them have been accepted by the login page. I have tried both the stage 1 login page and the one presented by my browser. What am I missing?


Re: Challenge "Heartbleed — Part 2"  

  By: robot.txt on May 17, 2022, 8:46 a.m.

We had to take off this challenge, as our firewall doesn't allow flawed servers any more -- even if this flaw was offered by will for training and within a sandbox. Sry for the inconvenience. Greetings

Currently 19 guests and 0 members are online.
Powered by the CrypTool project
Contact | Privacy | Imprint
© 2009-2024 MysteryTwister team