Post

HackTheBox Bag Secured Writeup

Posted
By x3ric
1 min read

Explore the basics of cybersecurity in the Bag Secured Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

#!/usr/bin/env python3
import sys
from pwn import remote

def get_values(test_n):
    io.recvuntil(f'Test {test_n + 1}/100\n'.encode())
    N = int(io.recvuntil(b' ').decode())
    C = int(io.recvline().rstrip().decode())
    weights = []
    values = []
    for _ in range(N):
        product = io.recvline().rstrip().decode().split(' ')
        weights.append(int(product[0]))
        values.append(int(product[1]))
    return N, C, weights, values

def solve_knapsack(n, c, weights, values):
    dp = [[0 for _ in range(c + 1)] for _ in range(n + 1)]
    for i in range(1, n + 1):
        for w in range(1, c + 1):
            if weights[i-1] <= w:
                dp[i][w] = max(dp[i-1][w], dp[i-1][w-weights[i-1]] + values[i-1])
            else:
                dp[i][w] = dp[i-1][w]
    return dp[n][c]

def send_solution(max_sum):
    io.sendline(f'{max_sum}'.encode())

def get_flag():
    io.recvuntil(b'HTB{')
    return b'HTB{' + io.recvline().rstrip()

def exp():
    for t in range(100):
        print('Test', t + 1)
        N, C, weights, values = get_values(t)
        max_sum = solve_knapsack(N, C, weights, values)
        send_solution(max_sum)
    flag = get_flag()
    print(flag)

if __name__ == "__main__":
    if len(sys.argv) != 2:
        print(f"Usage: {sys.argv[0]} <ip:port>")
        sys.exit(1)
    ip, port = sys.argv[1].split(":")
    port = int(port)
    io = remote(ip, port)
    exp()

Summary

The Bag Secured Challenge on Hack The Box is a straightforward task based on the classic knapsack problem. Participants must use the knapsack algorithm to maximize value within weight constraints, iteratively solving 100 test cases by communicating with a server. This easy-level challenge highlights dynamic programming and optimization in a concise, practical setup, rewarding players with the final flag upon completion.

challenge
htb challenge writeup linux misc
This post is licensed under CC BY 4.0 by the author.