HackTheBox FastJson and Furious Writeup
Explore the basics of cybersecurity in the FastJson and Furious Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
import hashlib
import json
POSTFIX = "20240227"
def calc_hash(input_str):
result_str = ""
try:
json_obj = json.loads(input_str.replace('":', POSTFIX + '":'))
if len(json_obj.keys()) != 2:
return "Not has exactly 2 keys"
sorted_keys = sorted(json_obj.keys())
for key in sorted_keys:
result_str += key + str(json_obj[key])
md5_hash = hashlib.md5()
md5_hash.update(result_str.lower().encode('utf-8'))
big_integer = md5_hash.hexdigest()
while len(big_integer) < 32:
big_integer = "0" + big_integer
return f"HTB{{{big_integer}}}"
except json.JSONDecodeError:
return "JSONDecodeError"
input_str = '{"example_key1":"example_value1","example_key2":"example_value2"}'
input_str1 = '{"example_key1":"example_value1","example_key2":"example_value2"}'
#print(calc_hash(input_str1))
input_str2 = '{"@Type":"hhhkb.ctf.fastjson_and_furious.Flag","success":true}'
print(calc_hash(input_str2))
Summary
The FastJson and Furious Challenge on Hack The Box provides an accessible introduction to encryption reversal and file handling. This easy-level challenge is perfect for beginners, focusing on parsing JSON data and using MD5 hashing to derive a flag. The challenge walks through modifying JSON structures, understanding data handling, and applying basic encryption concepts, all while providing a fun and engaging problem-solving experience for newcomers to cybersecurity.
This post is licensed under CC BY 4.0 by the author.