Hack the Box Challenge - Classic, Yet Complicated!


Hint: Find the plaintext, the key is your flag!

This will be my first Crypto challenge write up, let's see what we can do! I use wget to download the zip file, then use unzip and the provided password to extract my file. From that zip file we are given a txt file. It's pretty small, 553 bytes, so nothing hidden inside. Let's see what it says!

"alp gwcsepul gtavaf, nlv prgpbpsu mb h jcpbyvdlq, ipltga rv glniypfa we ekl 16xs nsjhlcb. px td o lccjdstslpahzn fptspf xstlxzi te iosj ezv sc xcns ttsoic lzlvrmhaw ez sjqijsa xsp rwhr. tq vxspf sciov, alp wsphvcv pr ess rwxpqlvp nwlvvc dyi dswbhvo ef htqtafvyw hqzfbpg, ezutewwm zcep xzmyr o scio ry tscoos rd woi pyqnmgelvr vpm . qbctnl xsp akbflowllmspwt nlwlpcg, lccjdstslpahzn fptspfo oip qvx dfgysgelipp ec bfvbxlrnj ojocjvpw, ld akfv ekhr zys hskehy my eva dclluxpih yoe mh yiacsoseehk fj l gebxwh sieesn we ekl iynfudktru. xsp yam zd woi qwoc."


I've done some other CTF challenges before, this looks like a classic ROTx challenge. ROTx just means rotate by x places, cycling through the alphabet. ROT13 is the most common of these ROT ciphers I believe. Let's head on over to ROT13 and try our luck. This website is pretty cool, very simple and easy to use. Paste in your string and select which ROT you want to use and there you go!

Ok so I cycled through all of the options but didn't get any luck. Let's take another look at that hint. That sort of helped, we need to find the key used in the cipher. Let's do a Google search for "classic ciphers" to see what we can find. According to Wikipedia, the ROT13 cipher we tried earlier is a type of Caesar cipher. I didn't know that, I learned something new already! Let's keep reading. Here's something to try, a Vigenère cipher. Let's see if we can't find an online decoder. I ended up finding and using dCode for this part. I paste in the text, select the statistical analysis button then click Decrypt. Look at that top result, "HELLOWORYD" - that looks pretty close to "Hello world" which is the first program you learn to write in any language. Let's set the key to "HELLOWORLD" and see what we get.

"the vigenere cipher, was invented by a frenchman, blaise de vigenere in the 16th century. it is a polyalphabetic cipher because it uses two or more cipher alphabets to encrypt the data. in other words, the letters in the vigenere cipher are shifted by different amounts, normally done using a word or phrase as the encryption key . unlike the monoalphabetic ciphers, polyalphabetic ciphers are not susceptible to frequency analysis, as more than one letter in the plaintext can be represented by a single letter in the encryption. the key is the flag."

There we go, that's our flag! I know I said I would do my best to not post the flag, but I had to for this to work. Make sure you add HTB{} around the lowercase key to successfully complete this challenge.

Until next time!

Comments

Popular posts from this blog

Exporting BitLocker Recovery Keys From AD Using PowerShell

Hack the Box Challenge - Blackhole

Hack the Box Challenge - You Can Do It!