HackTheBox QuickScan Writeup
Explore the basics of cybersecurity in the QuickScan Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
https://app.hackthebox.com/challenges/694
Description
In order to escape this alive, you must carefully observe and analyze your opponents. Learn every strategy and technique in their arsenal, and you stand a chance of outwitting them. Just do it fast, before they do the same to you…
Exploitation
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
from pwn import *
import tempfile
import base64
def get_process():
try:
host, port = sys.argv[1].split(':')
return remote(host, int(port))
except IndexError:
print(f'Usage: python {sys.argv[0]} <ip:port>')
exit(1)
def get_loaded_value(elf_path):
e = ELF(elf_path, checksec=False)
lea_addr = e.entrypoint + 4
lea_off = u32(e.read(lea_addr + 3, 4), sign='signed')
target = lea_addr + 7 + lea_off
return e.read(target, 0x18)
def do_round(r):
r.recvuntil(b"ELF: ")
elf_b64 = r.recvline().strip()
elf_data = base64.b64decode(elf_b64)
with tempfile.NamedTemporaryFile(delete=False, suffix='.elf') as tmp:
tmp.write(elf_data)
tmp.flush()
loaded_value = get_loaded_value(tmp.name)
r.sendlineafter(b"Bytes? ", loaded_value.hex().encode())
def main():
r = get_process()
do_round(r)
with log.progress("Solving binaries") as p:
for i in range(1, 129):
do_round(r)
p.status(f"Solved {i} binaries")
r.interactive()
if __name__ == "__main__":
main()
Summary
The QuickScan Challenge on Hack The Box is an easy-level challenge focused on encryption reversal and file handling. The Python script uses Pwntools to interact with ELF files, decode base64 binaries, and extract values based on entrypoint offsets, solving multiple rounds by sending the correct values back to the server.