BlackHole - Hack The Box Challenge

1 minute read

  1 minute read

blackhole htb

blackhole htb

BlackHole it’s a misc challenge from HackTheBox which contains a little bit of stenography and decoding of ciphers


First of all, uncompress zip. Second, uncompress the

We’ll found a file, with file we can find out which type of file is


file hawking


hawking: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 794x579, components 3

After doing some checks I decided to use steghide to see if there were any hidden files in the archive

Instalation: apt-get install steghide

steghide extract -sf hawking


Annotate the safe-conduct: 
annotate data extracted from/"flag.txt".

I used “hawking” as password, I was just lucky, if it couldn’t have worked i couldn’t have worked i could then have ran stegcracker (A tool used to brute force image passphrase). But luckily it worked.


Now we get a file called flag.txt. On opening the file it appears to be base64 encodeded.

I had to decode twice to get something like a flag at the end of the text

I used this commands but if you want , you can use an online tool.

base64 -d flag.txt | base64 -d


Efqbtqz Iuxxumy Tmiwuzs ime mz Qzsxuet ftqadqfuomx btkeuouef, oaeyaxasuef, mzp mgftad, ita ime pudqofad ar dqeqmdot mf ftq Oqzfdq rad Ftqadqfuomx Oaeyaxask mf ftq Gzuhqdeufk ar Omyndupsq mf ftq fuyq ar tue pqmft. Tq ime ftq Xgomeumz Bdarqeead ar Ymftqymfuoe mf ftq Gzuhqdeufk ar Omyndupsq nqfiqqz 1979 mzp 2009. Tmiwuzs motuqhqp oayyqdoumx egooqee iuft eqhqdmx iadwe ar babgxmd eouqzoq uz ituot tq pueogeeqe tue aiz ftqaduqe mzp oaeyaxask uz sqzqdmx. Tue naaw M Nduqr Tuefadk ar Fuyq mbbqmdqp az ftq Ndufuet Egzpmk Fuyqe nqef-eqxxqd xuef rad m dqoadp-ndqmwuzs 237 iqqwe. Tmiwuzs ime m rqxxai ar ftq Dakmx Eaouqfk, m xurqfuyq yqynqd ar ftq Bazfuruomx Mompqyk ar Eouqzoqe, mzp m dqoubuqzf ar ftq Bdqeupqzfumx Yqpmx ar Rdqqpay, ftq tustqef ouhuxumz mimdp uz ftq Gzufqp Efmfqe. Uz 2002, Tmiwuzs ime dmzwqp zgynqd 25 uz ftq NNO\’e baxx ar ftq 100 Sdqmfqef Ndufaze.

But this is not the format that hack the box flag normally looks like, so there must be another encryption.

I used an online tool trying to find the cipher:

It was a caesar cipher.

So with this tool , testing shifts I found it to be ROT14, finally obtaining the flag.

blackhole htb