Shockz
SHOCKZ
bash -i >& /dev/tcp/localhost/1337 0>&1

Pentesting & Red Team Lead | Offensive Security Engineer | Developer | Ethical Hacker | HTB & THM Player

Posts about Cybersecurity, CTF's, Ethical Hacking and other projects


BlackHole - Hack The Box Challenge

1 minute read

  1 minute read

blackhole htb

blackhole htb

BlackHole it’s a misc challenge from HackTheBox which contains a little bit of stenography and decoding of ciphers

Pre-start

First of all, uncompress zip. Second, uncompress the archive.zip.

We’ll found a file, with file we can find out which type of file is

Steganography

file hawking

Output:

hawking: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 794x579, components 3

After doing some checks I decided to use steghide to see if there were any hidden files in the archive

Instalation: apt-get install steghide

steghide extract -sf hawking

Output:

Annotate the safe-conduct: 
annotate data extracted from/"flag.txt".

I used “hawking” as password, I was just lucky, if it couldn’t have worked i couldn’t have worked i could then have ran stegcracker (A tool used to brute force image passphrase). But luckily it worked.

Decoding

Now we get a file called flag.txt. On opening the file it appears to be base64 encodeded.

I had to decode twice to get something like a flag at the end of the text

I used this commands but if you want , you can use an online tool.

base64 -d flag.txt | base64 -d

Output:

Efqbtqz Iuxxumy Tmiwuzs ime mz Qzsxuet ftqadqfuomx btkeuouef, oaeyaxasuef, mzp mgftad, ita ime pudqofad ar dqeqmdot mf ftq Oqzfdq rad Ftqadqfuomx Oaeyaxask mf ftq Gzuhqdeufk ar Omyndupsq mf ftq fuyq ar tue pqmft. Tq ime ftq Xgomeumz Bdarqeead ar Ymftqymfuoe mf ftq Gzuhqdeufk ar Omyndupsq nqfiqqz 1979 mzp 2009. Tmiwuzs motuqhqp oayyqdoumx egooqee iuft eqhqdmx iadwe ar babgxmd eouqzoq uz ituot tq pueogeeqe tue aiz ftqaduqe mzp oaeyaxask uz sqzqdmx. Tue naaw M Nduqr Tuefadk ar Fuyq mbbqmdqp az ftq Ndufuet Egzpmk Fuyqe nqef-eqxxqd xuef rad m dqoadp-ndqmwuzs 237 iqqwe. Tmiwuzs ime m rqxxai ar ftq Dakmx Eaouqfk, m xurqfuyq yqynqd ar ftq Bazfuruomx Mompqyk ar Eouqzoqe, mzp m dqoubuqzf ar ftq Bdqeupqzfumx Yqpmx ar Rdqqpay, ftq tustqef ouhuxumz mimdp uz ftq Gzufqp Efmfqe. Uz 2002, Tmiwuzs ime dmzwqp zgynqd 25 uz ftq NNO\’e baxx ar ftq 100 Sdqmfqef Ndufaze.
TFN{------------------------}

But this is not the format that hack the box flag normally looks like, so there must be another encryption.

I used an online tool trying to find the cipher:

It was a caesar cipher.

So with this tool , testing shifts I found it to be ROT14, finally obtaining the flag.

blackhole htb

Byee