Post

HackTheBox Branching Tactics Challenge

Posted
By x3ric
2 min read

Explore the basics of cybersecurity in the Branching Tactics Challenge on Hack The Box. This medium-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

https://app.hackthebox.com/challenges/711

Description

You have finally reached the vault, however upon reaching it you lay your eyes on a super mutant camp outisde of the vault’s entrance. Seeing that you are vastly outnumbered, you decide to not engage in combat and risk losing them. Instead, you decide to use the tnt you brought along, and place them strategically in the underground tunnel network to blow up the mutant camp so all of them are eliminated. However your group is tired, and may not deliver them at the desired location, so you also need to account as to where the explosives will end up. Like the branches of a tree, can you find study the underground tunnel and find where to put your bombs to defeat the mutants and enter the vault of hope?

Exploitation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

#!/usr/bin/env python3
from collections import deque
from pwn import remote
from tqdm import tqdm

def bfs(start, destination, edges):
    queue = deque([{"node": start, "path": [start]}])
    visited = set()
    while queue:
        current = queue.popleft()
        current_node = current["node"]
        if current_node in visited:
            continue
        visited.add(current_node)
        if current_node == destination:
            return current["path"]
        for neighbor in edges.get(current_node, []):
            if neighbor not in visited:
                new_path = current["path"] + [neighbor]
                queue.append({"node": neighbor, "path": new_path})        
    return []

def solve(start, destination, steps, edges):
    path = bfs(start, destination, edges)
    return destination if steps >= len(path) else path[steps]

def main():
    try:
        import sys
        if len(sys.argv) != 2 or ':' not in sys.argv[1]:
            exit(f'Usage: python {sys.argv[0]} <ip:port>')
        host, port = sys.argv[1].split(":")
        io = remote(host, int(port))
        for _ in tqdm(range(100), desc="Processing Rounds", unit="round"):
            io.recvuntil(b"Test")
            io.recvline()
            n = int(io.recvline().strip())
            edges = {}
            for _ in range(n - 1):
                e1, e2 = map(int, io.recvline().strip().split())
                edges.setdefault(e1, []).append(e2)
                edges.setdefault(e2, []).append(e1)
            m = int(io.recvline().strip())
            for _ in range(m):
                start, dest, steps = map(int, io.recvline().strip().split())
                result = solve(start, dest, steps, edges)
                io.sendline(str(result).encode())
        flag = io.recvuntil(b"HTB{").decode() + io.recvline().decode().strip()
        print(flag)
    except Exception as e:
        print(f"Error occurred: {e}")
    finally:
        io.close()

if __name__ == "__main__":
    main()

Summary

The Branching Tactics Challenge on Hack The Box is a medium-level challenge focused on graph traversal and pathfinding. Participants must strategically place explosives in an underground tunnel network to eliminate mutants guarding a vault entrance. By studying the network and using Breadth-First Search (BFS), they need to find the optimal path for placing explosives at the right locations. This challenge introduces basic graph theory, BFS traversal, and remote interaction using Python for problem-solving.

challenge
htb challenge writeup linux misc bfs
This post is licensed under CC BY 4.0 by the author.