HackTheBox Weak RSA Writeup

Explore the basics of cybersecurity in the Weak RSA Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

https://app.hackthebox.com/challenges/6

Description

Can you decrypt the message and get the flag?

Exploitation

#!/usr/bin/env python3
import re

from Crypto.PublicKey import RSA

# Load the RSA private key (PEM) and the raw ciphertext.
with open('priv.key', 'r') as f:
    private_key = RSA.import_key(f.read())
with open('flag.enc', 'rb') as f:
    encrypted_data = f.read()

# Textbook RSA decryption: m = c^d mod n. No padding is removed or checked.
decrypted_int = pow(int.from_bytes(encrypted_data, 'big'), private_key.d, private_key.n)
decrypted_bytes = decrypted_int.to_bytes((decrypted_int.bit_length() + 7) // 8, 'big')

# Drop any non-ASCII bytes, then search the remaining text for the flag pattern.
ascii_data = decrypted_bytes.decode('ascii', errors='ignore')
match = re.search(r'HTB\{[^}]+\}', ascii_data)
if match:
    print(match.group(0))

Summary

The Weak RSA Challenge on Hack The Box is an easy-level task that introduces participants to RSA encryption and decryption. The challenge involves decrypting a message using a provided private key (priv.key) to retrieve the flag. The Python script reads the private key and encrypted flag (flag.enc), performs RSA decryption using modular exponentiation, and extracts the flag from the decrypted data. This challenge emphasizes the importance of understanding RSA cryptography and demonstrates how private keys can be used to decrypt messages. It’s a beginner-friendly exercise for learning about encryption and decryption processes in cybersecurity.
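
Added example, not part of the original writeup: the same raw modular-exponentiation decryption and flag search, run on a constructed key so it works without priv.key or flag.enc. The key (two Mersenne primes), the PKCS#1 v1.5-style block layout, the 0xAA filler, the flag string and all function names are assumptions made for this demonstration; strict_unpad shows the padding check that raw exponentiation skips.

```python
#!/usr/bin/env python3
import re

# Constructed demo key (not the challenge key): two Mersenne primes.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # modulus length in bytes
FLAG_RE = re.compile(rb"HTB\{[^}]+\}")

def pad(message: bytes, header: bytes = b"\x00\x02") -> bytes:
    """Assumed PKCS#1 v1.5-style block; fixed 0xAA filler keeps the demo deterministic."""
    filler = b"\xaa" * (K - len(header) - 1 - len(message))
    return header + filler + b"\x00" + message

def encrypt_block(block: bytes) -> bytes:
    """Public-key operation c = m^e mod n on an already padded block."""
    return pow(int.from_bytes(block, "big"), E, N).to_bytes(K, "big")

def raw_decrypt(ciphertext: bytes) -> bytes:
    """Textbook RSA, as in the script above: m = c^d mod n, no padding check."""
    c = int.from_bytes(ciphertext, "big")
    if c >= N:
        raise ValueError("ciphertext is not smaller than the modulus")
    return pow(c, D, N).to_bytes(K, "big")

def extract_flag(block: bytes):
    """Search the whole decrypted block for the flag pattern."""
    match = FLAG_RE.search(block)
    return match.group(0).decode("ascii") if match else None

def strict_unpad(block: bytes):
    """Accept only 00 02 <8+ non-zero bytes> 00 <message>; otherwise None."""
    sep = block.find(b"\x00", 2)
    if len(block) != K or block[:2] != b"\x00\x02" or sep < 10:
        return None
    return block[sep + 1:]

if __name__ == "__main__":
    flag = b"HTB{constructed_demo_flag}"   # constructed sample plaintext
    good = raw_decrypt(encrypt_block(pad(flag)))
    bad = raw_decrypt(encrypt_block(pad(flag, b"\x00\x01")))  # malformed header
    print(good.hex())
    print(extract_flag(good), strict_unpad(good))
    print(extract_flag(bad), strict_unpad(bad))
```

The pattern search returns the flag for both blocks, while strict_unpad rejects the one with the malformed header.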

This post is licensed under CC BY 4.0 by the author.