Post

HackTheBox Multipage Recyclings Writeup

Posted
By x3ric
2 min read

Explore the basics of cybersecurity in the Multipage Recyclings Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

https://app.hackthebox.com/challenges/477

Description

As your investigation progressed, a clue led you to a local bar where you met an undercover agent with valuable information. He spoke of a famous astronomy scientist who lived in the area and extensively studied the relic. The scientist wrote a book containing valuable insights on the relic's location, but encrypted it before he disappeared to keep it safe from malicious intent. The old man disclosed that the book was hidden in the scientist's house and revealed two phrases that the scientist rambled about before vanishing.

Exploitation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

#!/usr/bin/env python3
from Crypto.Cipher import AES
from binascii import unhexlify

def blockify(message, size):
    return [message[i:i + size] for i in range(0, len(message), size)]

def xor_bytes(a, b):
    return bytes([_a ^ _b for _a, _b in zip(a, b)])

def analyze_encryption():
    ct = unhexlify('b25bc89662197c6462188e5960eea4fbef11424b8ebdcd6b45c8f4240d64f5d1981aab0e299ff75ce9fba3d5d78926543e5e8c262b81090aef60518ee241ab131db902d2582a36618f3b9a85a35f52352d5499861b4a878fac1380f520fe13deb1ca50c64f30e98fa6fdc070d02e148f')
    r = 3
    phrases = ['5fe633e7071e690fbe58a9dace6f3606', '501ccdc4600bc2dcf350c6b77fcf2681']
    leak1 = unhexlify(phrases[0])
    leak2 = unhexlify(phrases[1])
    blocks = blockify(ct, 16)
    pt_block1 = xor_bytes(blocks[r + 1], leak1)
    pt_block2 = xor_bytes(blocks[r + 2], leak2)
    flag = pt_block2[-15:].decode() + pt_block1.decode()
    return flag

def main():
    flag = analyze_encryption()
    print(flag+ '}')

if __name__ == "__main__":
    main()

Summary

The Multipage Recyclings Challenge on Hack The Box is an easy-level task that introduces participants to basic cryptographic concepts and file handling. The scenario involves decrypting a book written by a scientist who studied a mysterious relic. The book was encrypted to protect its contents, and the challenge provides two leaked phrases that serve as keys to decrypt the ciphertext. The provided Python script analyzes the encryption scheme by breaking the ciphertext into blocks and using XOR operations with the leaked phrases to reveal the plaintext. By reconstructing the decrypted blocks, the script successfully retrieves the flag. This challenge emphasizes the importance of understanding basic cryptographic operations like XOR and block cipher manipulation, making it an excellent starting point for beginners in cryptography and cybersecurity.

challenge
htb challenge writeup linux crypto
This post is licensed under CC BY 4.0 by the author.