HackTheBox Ancored Writeup
Explore the basics of cybersecurity in the Ancored Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
The APK, decompiled using www.javadecompilers.com, reveals MainActivity.java from the com.example.anchored package. It utilizes native methods (frf(), prp(), mrm()) linked to libanchored.so to construct HTTP request parameters.
The Java_com_example_anchored_MainActivity_frf function in libanchored.so applies XOR encryption using specific byte constants (e.g., 0x0012d0c9 for t and 0x0012d0cb for u). Decryption can be performed using the known XOR keys (local_e8) and encrypted data (local_198), which can be simulated with a Python script.
1
2
3
4
5
6
7
8
9
from pwn import xor
def xor(data, key):
return bytes([data[i] ^ key[i % len(key)] for i in range(len(data))])
ct = b't%u9t8?M/~bx&uz-ebtux8'
key = b'!K!K!KK~K!!KT!KKT!@!KK'
decrypted_text = xor(ct, key)
print("Decrypted Text: HTB{" + decrypted_text.decode() + "}")
Summary
The Ancored Challenge on Hack The Box is an easy-level challenge focused on encryption reversal and file handling. It involves decompiling the APK to expose native methods (frf(), prp(), mrm()) linked to libanchored.so for building HTTP request parameters. The challenge guides you through understanding the XOR encryption in the frf() function, and you create a Python script to simulate the decryption. By reversing the encryption, you uncover sensitive data, offering valuable insights into the app’s security practices.