HackTheBox Que Onda Writeup
Explore the basics of cybersecurity in the Que Onda Challenge on Hack The Box. This very-easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
Proof of Concept (PoC)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
from pwn import *
def get_process():
try:
host, port = sys.argv[1].split(':')
return remote(host, int(port))
except IndexError:
print(f'Usage: python {sys.argv[0]} <ip:port>')
exit(1)
p = get_process()
p.sendline(b'flag')
response = p.recvall().decode('utf-8', errors='ignore')
p.close()
flag = re.search(r'HTB\{.*?\}', response)
if flag:
print(flag.group(0))
else:
print("Flag not found")
Summary
Que Onda on Hack The Box involves basic binary exploitation with a secure binary setup: Full RELRO, Stack Canary, NX, and PIE are enabled. The task is straightforward—send the string "flag" to the program to retrieve the flag.
This post is licensed under CC BY 4.0 by the author.