HackTheBox Tear Or Dear Challenge
Explore the basics of cybersecurity in the Tear Or Dear Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
https://app.hackthebox.com/challenges/3
Description
Find the username and password and put them in the flag in the format: HTB{username:password}
Warning: It can produce false positives.
Exploitation
Use dnspy to decompile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
#!/usr/bin/python3
import math
def extract_username():
array = [
"1", "2", "4", "g", "h", "l", "o", "3", "g", "p",
"p", "k", "d", "f", "s", "e", "w", "r", "t", "z",
"u", "i", "i", "&", "$", "_"
]
username = array[0] + array[4] + array[10] + array[22] + array[9]
return username[::-1]
def main():
username = extract_username()
password = "roiw!@#"
flag = f"HTB{{{username}:{password}}}"
print(flag)
if __name__ == "__main__":
main()
Summary
The Tear Or Dear Challenge on Hack The Box is an easy-level reverse engineering puzzle that introduces basic decompilation and string manipulation techniques. Participants are tasked with extracting a username and password from a decompiled binary using tools like dnspy. By analyzing the binary and writing a Python script to reconstruct the username from a predefined array, the flag is revealed in the format HTB{username:password}. This challenge provides hands-on experience with reverse engineering, decompilation, and string manipulation, making it ideal for beginners. It offers a practical introduction to binary analysis and data extraction in cybersecurity.