HackTheBox Man In The Middle Challenge
Explore the basics of cybersecurity in the Man In The Middle Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
https://app.hackthebox.com/challenges/427
Description
Help! One of our red teamers has captured something between a user and their computer, but we’ve got no idea what we’re looking at! Can you take a look?
Exploitation
1
tshark -r "mitm.log" -d 'btl2cap.cid==65,bthid' -Y 'bthid.data.protocol_code == 0x01' -Y 'usbhid.boot_report.keyboard.keycode_1 != 0x00' -T fields -e 'usbhid.boot_report.keyboard.modifier.left_shift' -e 'usbhid.boot_report.keyboard.keycode_1' | tr '\t' ',' > payload
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#!/usr/bin/python3
KEY_CODES = {
'0x04': ['a', 'A'],
'0x05': ['b', 'B'],
'0x06': ['c', 'C'],
'0x07': ['d', 'D'],
'0x08': ['e', 'E'],
'0x09': ['f', 'F'],
'0x0a': ['g', 'G'],
'0x0b': ['h', 'H'],
'0x0c': ['i', 'I'],
'0x0d': ['j', 'J'],
'0x0e': ['k', 'K'],
'0x0f': ['l', 'L'],
'0x10': ['m', 'M'],
'0x11': ['n', 'N'],
'0x12': ['o', 'O'],
'0x13': ['p', 'P'],
'0x14': ['q', 'Q'],
'0x15': ['r', 'R'],
'0x16': ['s', 'S'],
'0x17': ['t', 'T'],
'0x18': ['u', 'U'],
'0x19': ['v', 'V'],
'0x1a': ['w', 'W'],
'0x1b': ['x', 'X'],
'0x1c': ['y', 'Y'],
'0x1d': ['z', 'Z'],
'0x1e': ['1', '!'],
'0x1f': ['2', '@'],
'0x20': ['3', '#'],
'0x21': ['4', '$'],
'0x22': ['5', '%'],
'0x23': ['6', '^'],
'0x24': ['7', '&'],
'0x25': ['8', '*'],
'0x26': ['9', '('],
'0x27': ['0', ')'],
'0x28': ['\n', '\n'],
'0x29': ['␛', '␛'],
'0x2a': ['⌫', '⌫'],
'0x2b': ['\t', '\t'],
'0x2c': [' ', ' '],
'0x2d': ['-', '_'],
'0x2e': ['=', '+'],
'0x2f': ['[', '{'],
'0x30': [']', '}'],
'0x32': ['#', '~'],
'0x33': [';', ':'],
'0x34': ["'", '"'],
'0x36': [',', '<'],
'0x37': ['.', '>'],
'0x38': ['/', '?'],
'0x39': ['⇪', '⇪'],
'0x4f': [u'→', u'→'],
'0x50': [u'←', u'←'],
'0x51': [u'↓', u'↓'],
'0x52': [u'↑', u'↑']
}
with open('./payload', 'r') as f:
payload = f.readlines()
flag = []
for line in payload:
line = line.strip()
sh, ch = line.split(',')
ch = ch.strip()
if sh == "True":
flag.append(KEY_CODES.get(ch, [''])[1])
else:
flag.append(KEY_CODES.get(ch, [''])[0])
flag = "".join(flag)
print(flag)
Summary
The Man In The Middle Challenge on Hack The Box is an easy-level cybersecurity challenge designed to familiarize beginners with key concepts of encryption reversal and data interception. This challenge leverages the use of tshark, a powerful network protocol analyzer, to extract HID (Human Interface Device) data from Bluetooth packets, capturing keyboard input to decode messages. Participants refine their skills by handling and analyzing captured data files to reconstruct the original input sequence using a Python script. This practical application improves understanding of network security, data manipulation, and the basics of cryptographic decryption, providing an engaging and educational experience in recognizing and mitigating man-in-the-middle attacks.