MisDIRection - Hack The Box Challenge

less than 1 minute read

April 23, 2021 less than 1 minute read

First, Unzip the contents unzip misdirection.zip.

Second, Check if the files have contents with

ls -laR .secret/

The filename under the folder is the char location, and the folder name is the char.

So we have to sort this.

After that we just put the letters/numbers in the order of the content.

We’ll get a string what we have to decode (it’s in BASE64).

To automatize that, use this python script.

#!/usr/bin/env python3

import base64

word_dic = {'0': [6], '1': [22, 30], '2': [34], '5': [16], '9': [36], 'B': [23], 'C': [4], 'D': [26], 'E': [14], 'F': [19, 2, 27], 'N': [11, 25, 31, 33], 'p': [
    32], 'S': [1], 's': [24], 'U': [9], 'u': [20, 28], 'V': [35], 'X': [17, 21, 29], 'x': [15], 'd': [13], 'e': [5], 'j': [10, 12], 'J': [8], 'R': [3, 7], 'z': [18]}

flag_length = 0

for key in word_dic.keys():
    flag_length = max(flag_length, max(word_dic[key]))

flag = [""]*(flag_length+1)

for key in word_dic.keys():
    for loc in word_dic[key]:
        flag[loc] = key

rst = "".join(flag)

print(base64.b64decode(rst))

Byee

Share this: