MisDIRection - Hack The Box Challenge
First, Unzip the contents unzip misdirection.zip
.
Second, Check if the files have contents with
ls -laR .secret/
The filename under the folder is the char location, and the folder name is the char.
So we have to sort this.
After that we just put the letters/numbers in the order of the content.
We’ll get a string what we have to decode (it’s in BASE64).
To automatize that, use this python script.
#!/usr/bin/env python3
import base64
word_dic = {'0': [6], '1': [22, 30], '2': [34], '5': [16], '9': [36], 'B': [23], 'C': [4], 'D': [26], 'E': [14], 'F': [19, 2, 27], 'N': [11, 25, 31, 33], 'p': [
32], 'S': [1], 's': [24], 'U': [9], 'u': [20, 28], 'V': [35], 'X': [17, 21, 29], 'x': [15], 'd': [13], 'e': [5], 'j': [10, 12], 'J': [8], 'R': [3, 7], 'z': [18]}
flag_length = 0
for key in word_dic.keys():
flag_length = max(flag_length, max(word_dic[key]))
flag = [""]*(flag_length+1)
for key in word_dic.keys():
for loc in word_dic[key]:
flag[loc] = key
rst = "".join(flag)
print(base64.b64decode(rst))
Byee