HackTheBox Questionnaire Writeup

Explore the basics of cybersecurity in the Questionnaire Challenge on Hack The Box. This very-easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

https://app.hackthebox.com/challenges/460

Description

It’s time to learn some things about binaries and basic c. Connect to a remote server and answer some questions to get the flag.

Solution

Is this a ‘32-bit’ or ‘64-bit’ ELF? (e.g. 1337-bit)

64-bit

What’s the linking of the binary? (e.g. static, dynamic)

dynamic

Is the binary ‘stripped’ or ‘not stripped’?

not stripped

Which protections are enabled (Canary, NX, PIE, Fortify)?

NX

What is the name of the custom function the gets called inside main()? (e.g. vulnerable_function())

vuln

What is the size of the ‘buffer’ (in hex or decimal)?

0x20

Which custom function is never called? (e.g. vuln())

gg

What is the name of the standard function that could trigger a Buffer Overflow? (e.g. fprintf())

fgets

Insert 30, then 39, then 40 ‘A’s in the program and see the output. After how many bytes a Segmentation Fault occurs (in hex or decimal)?

40

What is the address of ‘gg()’ in hex? (e.g. 0x401337)

0x401176

Summary

The Questionnaire Challenge on Hack The Box is an introductory exercise for beginners focusing on binary analysis and basic C programming. Participants connect to a server to answer questions about a binary, identifying its architecture (64-bit), linking (dynamic), stripping status (not stripped), and security features (NX enabled). The challenge involves recognizing functions like vuln and gg, analyzing buffer sizes (32 bytes), triggering functions (fgets), and debugging outcomes like segmentation faults after 40 bytes. This challenge serves as a practical primer in understanding and analyzing executable files in a cybersecurity context.