Hack The Box Challenge: Inferno
Hint: Find the flag.
When I started this challenge, I took one look at the hint and already started questioning what I was up against. Not wanting to disappoint myself, I fired up my Kali VM through Oracle's VirtualBox and got started.
I launched a terminal and used wget to download the zip file.
I used the built in unzipping command to unzip inferno.zip.
unzip inferno.zip |
I entered the password provided, "hackthebox" and it spit out a txt file. Ok, I was expecting something a little more than this, but hey, maybe it's a super easy flag. Nevermind…
RCdgXyReIjdtNVgzMlZ4ZnZ1PzFOTXBMbWwkakdGZ2dVZFNiYn08eyldeHFwdW5tM3Fwb2htZmUrTGJnZl9eXSNhYFleV1Z6PTxYV1ZPTnJMUUpJTkdrRWlJSEcpP2MmQkE6Pz49PDVZenk3NjU0MzIrTy8uJyYlJEgoIWclJCN6QH59dnU7c3JxdnVuNFVxamlubWxlK2NLYWZfZF0jW2BfWHxcW1pZWFdWVVRTUlFQMk5NRktKQ0JmRkU+JjxgQDkhPTw1WTl5NzY1NC0sUDAvby0sJUkpaWh+fSR7QSFhfXZ7dDpbWnZvNXNyVFNvbm1mLGppS2dgX2RjXCJgQlhXVnpaPDtXVlVUTXFRUDJOR0ZFaUlIR0Y/PmJCJEA5XT08OzQzODFVdnUtMiswLygnSysqKSgnfmZ8Qi8=
If you are on Windows or are looking for an "easier" way to decode this, head on over to https://www.base64decode.org/. If you're like me and want to really learn as much as you can with these challenges, there's another awesome built in tool you can use!
base64 --decode inferno.txt |
Ok, so what can we do with this? It certainly does not look like a familiar language to me. The name of the challenge is "Inferno", I wonder if that has anything to do with Dante's Inferno. Let's use some Googling to see what we can find. Sure enough, I searched for "dante programming language" and Malbolge came up. Just like my humanities prof back in college taught us about this book, the 8th circle of hell contains counterfeiters, sorcerers, grafters, hypocrites and other sinners guilty of fraud.
According to Wikipedia, Malbolge is apparently influenced by Brainfuck… Nope. I don't want to finish this challenge. As a joke, a colleague and I tried to figure out Brankfuck, but gave up after about three minutes. It's not very fun, check out this "Hello, world" code snippet.
++++++++[>++++[>++>+++>+++>+<<<<-]>+>+>->>+[<]<-]>>.>---.+++++++..+++.>>.<-.<.+++.------.--------.>>+.>++.
This is literally "Hello, world" in Brankfuck. Ok, enough Brainfuckery, let's just finish this challenge.
I am not about to find an IDE/interpreter/compiler for Malbolge, so let's see if there's a web interpreter available. A quick Google search for "malbolge interpreter online" and sure enough:
Oh look, right on the front page, "Malbolge, invented by Ben Olmstead in 1998, is an esoteric programming language
designed to be as difficult to program in as possible. And so it is :-)". Hey you know what, it's one less thing for me to figure out. Let's drop this code in and see if we can get a flag!
I copy/paste the code in, click Run Program, and there's the flag! Congratulations, we've made it through the Inferno challenge!
Let's take a look at what we used to solve this challenge. First, we used "wget" to download the zip file, "unzip" to unzip the file, some Googling, and some past-knowledge of Dante's Inferno to find the language this was written in. I'd say this was pretty easy, not terrible, but not a complete walk in the park.
Until next time!
Comments
Post a Comment