HackTheBox Shuffleme Challenge
Explore the basics of cybersecurity in the Shuffleme Challenge on Hack The Box. This hard-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
https://app.hackthebox.com/challenges/356
Description
Intelligence indicates that the ancient data storage device you’ve obtained contains schematics for a never-before-seen weapon. But there’s a problem - it’s locked, and strange symbiotic lifeforms on its surface are constantly removing parts and reinserting them elsewhere. Can you get a clear picture of what’s going on?
Exploitation
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
#!/usr/bin/env python3
from pwn import *
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad
e = ELF('./shuffleme')
iv = bytes([0 for _ in range(16)])
key = []
keybuf = e.read(e.sym['key_blob'], 32*4)
for i in range(0, 32*4, 4):
key.append(keybuf[i])
data = []
databuf = e.read(e.sym['data_blob'], 0x50*4)
for i in range(0, len(databuf), 4):
data.append(databuf[i])
dec = AES.new(bytes(key), AES.MODE_CBC, iv)
print(unpad(dec.decrypt(bytes(data)), 16).decode())
Summary
The Shuffleme Challenge on Hack The Box is a hard-level reverse engineering puzzle that introduces AES encryption and binary analysis. Participants decrypt an AES-encrypted payload by extracting the key and IV from a binary, using AES-CBC decryption to reveal the flag. Ideal for intermediate to advanced users, it offers hands-on experience with encryption reversal and binary exploitation.