HackTheBox Computational Recruting Writeup
Explore the basics of cybersecurity in the Computational Recruting Challenge on Hack The Box. This very-easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
https://app.hackthebox.com/challenges/714
Description
Not too long ago, your cyborg detective friend John Love told you he heard some strange rumours from some folks in the Establishment that he's searching into. They talked about the possible discovery of a new vault, vault 79, which might hold a big reserve of gold. Hearing of these news, youband your fellow compatriots slowly realized that with that gold reserver you could accomplish your dreams of reviving the currency of old times, and help modern civilization flourish once more. Looking at the potential location of the vault however, you begin to understand that this will be no easy task. Your team by itself is not enough. You will need some new recruitments. Now, standing in the center of Gigatron, talking and inspiring potential recruits, you have collected a big list of candidates based on skills you believe are needed for this quest. How can you decide however which ones are truly worthy of joining you?
Exploitation
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
import re
from pwn import *
def get_process():
try:
host, port = sys.argv[1].split(':')
return remote(host, int(port))
except IndexError:
print(f'Usage: python {sys.argv[0]} <ip:port>')
exit(1)
def get_candidates(file_path):
pattern = r"^\s*([A-Za-z]+)\s+([A-Za-z]+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*$"
candidates = []
with open(file_path, 'r') as f:
for line in f.readlines():
match = re.search(pattern, line.strip())
if match:
candidates.append(match.groups())
return candidates
def calculate_values(candidates):
weights = {'Health': 0.18, 'Agility': 0.20, 'Charisma': 0.21, 'Knowledge': 0.08, 'Energy': 0.17, 'Resourcefulness': 0.16}
data = []
for candidate in candidates:
first_name, last_name, health, agility, charisma, knowledge, energy, resourcefulness = candidate
skill_scores = {
'Health': round(6 * (int(health) * 0.2)) + 10,
'Agility': round(6 * (int(agility) * 0.3)) + 10,
'Charisma': round(6 * (int(charisma) * 0.1)) + 10,
'Knowledge': round(6 * (int(knowledge) * 0.05)) + 10,
'Energy': round(6 * (int(energy) * 0.05)) + 10,
'Resourcefulness': round(6 * (int(resourcefulness) * 0.3)) + 10
}
overall_value = round(5 * (skill_scores['Health'] * weights['Health'] +
skill_scores['Agility'] * weights['Agility'] +
skill_scores['Charisma'] * weights['Charisma'] +
skill_scores['Knowledge'] * weights['Knowledge'] +
skill_scores['Energy'] * weights['Energy'] +
skill_scores['Resourcefulness'] * weights['Resourcefulness']))
data.append((f"{first_name} {last_name}", overall_value))
return data
def sort_candidates(data):
return sorted(data, key=lambda x: x[1], reverse=True)[:14]
def get_flag(sorted_candidates):
io = get_process()
solution = ', '.join(f"{name} - {score}" for name, score in sorted_candidates)
io.recvuntil(b'> ')
io.sendline(solution.encode())
flag = io.recvall().decode().strip()
return flag
if __name__ == '__main__':
file_path = 'data.txt'
candidates = get_candidates(file_path)
calculated_values = calculate_values(candidates)
sorted_candidates = sort_candidates(calculated_values)
flag = get_flag(sorted_candidates)
print(flag)
Summary
The Computational Recruiting Challenge on Hack The Box is an easy-level challenge where you parse candidate data, calculate skill scores based on predefined weights, and sort candidates. The script sends the top 14 candidates to a remote service, which returns the flag. It’s perfect for beginners to practice data parsing and calculation.