HackTheBox Living with Elegance Challenge
Explore the basics of cybersecurity in the Living with Elegance Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
https://app.hackthebox.com/challenges/702
Description
With injuries and illnesses escalating, the priority is clear: human lives take precedence. Before seeking hidden treasures, it is imperative to first treat the wounded ones. The resolute survivors learn through rumors about a hidden medical research facility known as the “BioMed Research Institute” reputed for its advanced treatments. They plan to locate and infiltrate the institute, intent on securing vital medications and medical equipment necessary to save the lives of their injured comrades. However, such a feat will not come easily. The facility is safeguarded by state-of-the-art security mechanisms known only to the government. The team must navigate several layers of doors to access the heart of the facility. Can you identify any vulnerability or hidden backdoor in this enigmatic security system?
Exploitation
```python
#!/usr/bin/env python3
from pwn import *
from tqdm import tqdm
import sys

context.log_level = 'error'


def get_bit(r, i):
    # Query the same bit index up to 30 times and inspect the value each time.
    for _ in range(30):
        r.sendline(str(i).encode())
        r.recvline()
        r.recvline()
        b = int(r.recvline().split(b'= ')[1])
        # A value outside [0, 256) marks the bit as 1.
        if b < 0 or b >= 256:
            return 1
    # Every value stayed inside [0, 256): treat the bit as 0.
    return 0


def main():
    if len(sys.argv) != 2:
        print(f"Usage: python {sys.argv[0]} <ip:port>")
        sys.exit(1)

    ip, port = sys.argv[1].split(':')
    r = remote(ip, int(port))

    # Send an out-of-range index; the reply states the valid range "[0, N]".
    r.recvuntil(b':')
    r.sendline(b'9999')
    m = int(r.recvline().split(b'[0, ')[1].split(b']')[0]) + 1

    flag_bits = []
    for i in tqdm(range(m), desc="\033[92mExtracting bits\033[0m", colour="green"):
        bit = get_bit(r, i)
        flag_bits.append(str(bit))

    # Reassemble the bit string into bytes (big-endian).
    flag = int(''.join(flag_bits), 2).to_bytes((m+7)//8, 'big')
    print(f"\033[92mFlag\033[0m: {flag.decode()}")


if __name__ == '__main__':
    main()
```
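The range test in get_bit() works because the service's answers are distributed differently for a 0-bit and a 1-bit. The block below is an added example, not the challenge's server code and not part of the original write-up: it is a constructed offline model (the value of Q and all function names are assumptions) that puts a range-leaking sampler beside one whose answers are reduced into a single interval, and computes how re-querying an index shrinks the error.

```python
import secrets

# Constructed model of the leak; not the challenge's server code.
Q = 1 << 16   # assumed size of the wide range (hypothetical value)
BOUND = 256   # the page's get_bit() tests 0 <= b < 256
TRIES = 30    # queries per bit index, as in the page's get_bit()


def bits_of(data):
    """Big-endian bit list, matching the page's int(..., 2).to_bytes(..., 'big')."""
    return [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]


def leaky_sample(bit):
    """Weak: a 0-bit answers inside [0, BOUND), a 1-bit anywhere in [0, Q)."""
    return secrets.randbelow(Q if bit else BOUND)


def reduced_sample(bit):
    """Corrected range: every answer is reduced into [0, BOUND)."""
    return leaky_sample(bit) % BOUND


def recover(secret, sample, tries=TRIES):
    """Run the range test over each bit position, re-querying `tries` times."""
    out = []
    for bit in bits_of(secret):
        out_of_range = any(sample(bit) >= BOUND for _ in range(tries))
        out.append(str(int(out_of_range)))
    return int("".join(out), 2).to_bytes(len(secret), "big")


def miss_probability(tries=TRIES):
    """Chance that a 1-bit stays inside [0, BOUND) on every query."""
    return (BOUND / Q) ** tries


if __name__ == "__main__":
    secret = b"constructed-sample"  # constructed sample, not a real flag
    print("leaky  :", recover(secret, leaky_sample))
    print("reduced:", recover(secret, reduced_sample))
    print("miss probability, 1 query  :", miss_probability(1))
    print("miss probability, 30 queries:", miss_probability())
```

With the reduced sampler the range test returns only zero bits, which is the property a reviewer checks for: the answer for either bit value must fall in the same interval, and unlimited re-queries of one index should not be available to amplify any remaining gap.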
Summary
The Living with Elegance Challenge on Hack The Box presents a cryptographic puzzle requiring analysis of a binary decision-making system. Participants exploit a vulnerability in a security mechanism by iteratively extracting bits of the flag. This challenge introduces concepts such as bitwise operations, remote interaction with a vulnerable system, and binary-to-string conversion. It serves as a practical and engaging way to build skills in reverse engineering and exploiting logical flaws.