DEV Community

DaNeil C
DaNeil C

Posted on • Edited on

5

HTB CTF - Decode Me!!

#codenewbie #security #htb #ctf
  • CTF Name: Decode Me!!
  • Resource: Hack The Box CTF
  • Difficulty: [30 pts] easy range

Note::: NO, I won't be posting my found FLAGS, but I will be posting the methods I used.

Flag1

  • Hint: Try find the flag!
  • Acquired By:
    • First thing to do is obviously download the file and extract the file. While a lot of people will use the command line for this I usually just to my file folders. It's easy so why not.
    • Next is to just look at it.Alt Text At first it appears to be something that is Base64 encoded as the lines end with the usual "=" but this is not the case... yet. So first thing I did, like many others, is try to decode it like this, but it fails.
    • After a bunch of Googling and browsing the HTB fourms someone mentions a key and code so if we look into that we find the Fernet (symmetric encryption). This is a "symmetric encryption method which makes sure that the message encrypted cannot be manipulated/read without the key. It uses URL safe encoding for the keys. Fernet uses 128-bit AES in CBC mode and PKCS7 padding, with HMAC using SHA256 for authentication. The IV is created from os.random()." (1)
    • This produced something that was less than finished but it looks like there is another string of Base64 so lets decode that now.Alt TextThis is still not really helpful though...
    • Now it's time for MORE Googling and HTB forums and I got a hint about "Malbolge Tools". Malbolge is "Malbolge is a public domain esoteric programming language... that was specifically designed to be almost impossible to use, via a counter-intuitive 'crazy operation', base-three arithmetic, and self-altering code." (2)
    • Once I found the Malbolge Decoding tool I was able to throw in the new output and get the flag.Alt Text

Learned

This flag taught me the power of forums and getting help.
This flag was a crazy 3 step process that I would not have been able to get on my own. The input for the Malbolge Tool was something I have never seen before and don't think that I will see again outside of CTFs but I am glad I've seen it.

Happy Hacking

Resources:

  1. https://asecuritysite.com/encryption/ferdecode
  2. https://en.wikipedia.org/wiki/Malbolge
  3. https://zb3.me/malbolge-tools/
  4. https://asecuritysite.com/encryption/ferdecode
Please Note: that I am still learning and if something that I have stated is incorrect please let me know. I would love to learn more about what I may not understand fully.
profile
Heroku
 Promoted

Heroku

Build apps, not infrastructure.

Dealing with servers, hardware, and infrastructure can take up your valuable time. Discover the benefits of Heroku, the PaaS of choice for developers since 2007.

Visit Site

Top comments (0)

profile
Timescale
Promoted

Image of Timescale

Timescale – the developer's data platform for modern apps, built on PostgreSQL

Timescale Cloud is PostgreSQL optimized for speed, scale, and performance. Over 3 million IoT, AI, crypto, and dev tool apps are powered by Timescale. Try it free today! No credit card required.

Try free

Read next

mettasurendhar profile image

Rootless Containers: What They Are and Why You Should Use Them

Metta Surendhar -

pains_arch profile image

How to Create a Workspace in Metasploit Console

Md Shykat -

pains_arch profile image

How to Activate and Enable the PostgreSQL Service on Your Kali Linux System

Md Shykat -

donaldn profile image

Fixes for a critical rsync vulnerability (CVE-2024-12084) have been released for Stable/Bookworm, Testing and Unstable....

Donald -