HackTheBox Potion Master Writeup

Explore the basics of cybersecurity in the Potion Master Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

from functools import reduce
import operator

from z3 import BitVec, Solver, ZeroExt, sat

# Target values for each check, one entry per chunk of the flag.
a = [-43, 61, 58, 5, -4, -11, 64, -40, -43, 61, 62, -51, 46, 15, -49, -44, 47, 4, 6, -7, 47, 7, -59, 52, 17, 11, -56, 61, -74, 52, 63, -21, 53, -17, 66, -10, -58, 0]
b = [6, 106, 10, 0, 119, 52, 51, 101, 0, 0, 15, 48, 116, 22, 10, 58, 93, 59, 106, 43, 30, 47, 93, 62, 97, 63]
c = [304, 357, 303, 320, 304, 307, 349, 305, 257, 337, 340, 309, 396, 333, 320, 380, 362, 368, 286]
d = [52, 52, 95, 95, 110, 49, 51, 51, 95, 110, 110, 53, 116, 51, 98, 63]

s = Solver()
flag = [BitVec(f"flag_{i}", 8) for i in range(76)]

# Every character is printable ASCII, excluding space.
for ch in flag:
    s.add(ch > 0x20, ch < 0x7f)
# Chunks of 2: first character minus second.
for i in range(0, 76, 2):
    s.add(flag[i] - flag[i+1] == a[i//2])
# Chunks of 3: XOR of the chunk (the last chunk holds a single character).
for i in range(0, 76, 3):
    s.add(reduce(operator.xor, flag[i:i+3], 0) == b[i//3])
# Chunks of 4: sum of the chunk. The totals exceed 255, so widen each 8-bit
# character to 16 bits first; otherwise the sum is only checked modulo 256.
for i in range(0, 76, 4):
    s.add(sum(ZeroExt(8, f) for f in flag[i:i+4]) == c[i//4])
# Chunks of 5: first character of each chunk.
for i in range(0, 76, 5):
    s.add(flag[i] == d[i//5])

assert s.check() == sat
m = s.model()
print(bytes(m[f].as_long() for f in flag).decode())

Summary

The Potion Master Challenge on Hack The Box is an easy-level challenge that introduces concepts like encryption reversal, constraint-solving, and reverse-engineering logic. Participants reverse the logic behind a function that verifies a flag using operations like XOR, subtraction, and summation. The task involves analyzing Haskell code, specifically focusing on functions like extractFlag, chunks, and checkFlag, which manipulate the flag string in various ways. By reversing the logic and using the Z3 solver to solve constraints, participants can deduce the correct flag. This challenge provides an excellent opportunity for beginners to dive into cryptographic techniques and logical reasoning in a programming context.
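The checks described above (pairwise subtraction, XOR over triples, sums over quads, a fixed character at every fifth position) can also be replayed in plain Python, both to validate a candidate flag independently of Z3 and to show that the constraints chain tightly enough for simple backtracking to recover the input. This is an added example, not the author's code: the names `violated`, `check_flag` and `solve` are hypothetical, the tables are copied from the script above, and the chunk layout is assumed to match that script.

```python
from functools import reduce
from operator import xor

# Tables copied from the solver script above.
A = [-43, 61, 58, 5, -4, -11, 64, -40, -43, 61, 62, -51, 46, 15, -49, -44, 47, 4, 6, -7, 47, 7, -59, 52, 17, 11, -56, 61, -74, 52, 63, -21, 53, -17, 66, -10, -58, 0]
B = [6, 106, 10, 0, 119, 52, 51, 101, 0, 0, 15, 48, 116, 22, 10, 58, 93, 59, 106, 43, 30, 47, 93, 62, 97, 63]
C = [304, 357, 303, 320, 304, 307, 349, 305, 257, 337, 340, 309, 396, 333, 320, 380, 362, 368, 286]
D = [52, 52, 95, 95, 110, 49, 51, 51, 95, 110, 110, 53, 116, 51, 98, 63]
N = 76                        # flag length used by the script above
PRINTABLE = range(0x21, 0x7f)  # same bounds as the Z3 constraints

def violated(f, i):
    """True if any check whose chunk ends at index i fails for f[:i+1]."""
    if i % 5 == 0 and f[i] != D[i // 5]:                  # start of a chunk of 5
        return True
    if i % 2 == 1 and f[i - 1] - f[i] != A[i // 2]:       # end of a chunk of 2
        return True
    if (i % 3 == 2 or i == N - 1) and \
            reduce(xor, f[i - i % 3:i + 1]) != B[i // 3]:  # end of a chunk of 3
        return True
    if i % 4 == 3 and sum(f[i - 3:i + 1]) != C[i // 4]:   # end of a chunk of 4
        return True                                       # Python ints: exact sum
    return False

def check_flag(s):
    """Forward check: does the candidate string satisfy every constraint?"""
    f = list(s.encode())
    return (len(f) == N and all(ch in PRINTABLE for ch in f)
            and not any(violated(f, i) for i in range(N)))

def solve(f=None):
    """Depth-first search, pruning as soon as a chunk is complete."""
    f = [] if f is None else f
    i = len(f)
    if i == N:
        return bytes(f).decode()
    # An odd index is forced by the pair difference; an even one is searched.
    choices = [f[-1] - A[i // 2]] if i % 2 else PRINTABLE
    for ch in choices:
        if ch in PRINTABLE:
            f.append(ch)
            if not violated(f, i):
                found = solve(f)
                if found:
                    return found
            f.pop()
    return None

if __name__ == "__main__":
    print(solve())
```

Because every pair of characters is pinned down within a few positions by an overlapping triple, quad or fixed character, the search rarely keeps more than a handful of candidates alive at once.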

This post is licensed under CC BY 4.0 by the author.