HackTheBox Whole Lotta Candy Writeup

Explore the basics of cybersecurity in the Whole Lotta Candy Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

https://app.hackthebox.com/challenges/415

Description

In a parallel universe, "trick-or-treat" is played by different rules. As technologies became more advanced and the demand for security researchers increased, the government decided to incorporate security concepts into every game and tradition. Instead of candy, kids have the choice of selecting an AES mode and encrypting their plaintext. If they somehow manage to find the FLAG, they get candy. Can you solve this basic problem for the toddlers of this universe?

Exploitation

#!/usr/bin/env python3
import sys
import json
from pwn import *

def get_process():
    # Connect to the challenge instance given as ip:port on the command line
    if len(sys.argv) > 1:
        ip, port = sys.argv[1].split(':')
        return remote(ip, int(port))
    print(f"Usage: {sys.argv[0]} <ip:port>")
    sys.exit(1)

def send_json(s, data):
    # The server speaks newline-terminated JSON
    s.sendline(json.dumps(data).encode())

def get_ctr_mode():
    # The server picks the AES mode per connection; reconnect until it offers CTR
    while True:
        r = get_process()
        initial = r.recvuntil(b'>').decode()
        if 'CTR' in initial:
            log.success("Got CTR mode!")
            return r
        r.close()
        log.info("Retrying for CTR mode...")

def perform_attack():
    r = get_ctr_mode()
    # Option 1: the server encrypts the flag
    send_json(r, {"option": "1"})
    r.recvuntil(b'{"response": "encrypted", "ciphertext": "')
    flag_ct = r.recvuntil(b'"').decode().strip('"')
    log.info(f"Flag ciphertext: {flag_ct}")
    # Option 2: the server encrypts a plaintext of our choice with the same keystream;
    # use a known plaintext as long as the flag ciphertext (hex, so two chars per byte)
    pt_len = len(flag_ct) // 2
    known_pt = "A" * pt_len
    send_json(r, {"option": "2"})
    r.recvuntil(b'Enter plaintext:')
    send_json(r, {"plaintext": known_pt})
    r.recvuntil(b'{"response": "encrypted", "ciphertext": "')
    known_ct = r.recvuntil(b'"').decode().strip('"')
    log.info(f"Known plaintext ciphertext: {known_ct}")
    # flag_ct XOR known_ct cancels the shared keystream, leaving flag XOR known_pt;
    # XORing with known_pt again yields the flag
    flag_bytes = xor(
        bytes.fromhex(flag_ct),
        known_pt.encode(),
        bytes.fromhex(known_ct)
    )
    try:
        # Keep the printable prefix and cut at the closing brace of the flag
        flag_text = ""
        for b in flag_bytes:
            if b < 32 or b > 126:
                break
            flag_text += chr(b)
        if "}" in flag_text:
            flag = flag_text[:flag_text.index("}") + 1]
            log.success(f"Flag: {flag}")
        else:
            # log.failure only reports; pwntools' log.error raises and would skip the raw dump
            log.failure("Could not find end of flag")
            log.info(f"Raw bytes: {flag_bytes.hex()}")
    except Exception as e:
        log.failure(f"Error processing flag: {e}")
        log.info(f"Raw bytes: {flag_bytes.hex()}")

    r.close()

if __name__ == "__main__":
    perform_attack()

Summary

The Whole Lotta Candy Challenge on Hack The Box is an easy-level task focused on exploiting AES encryption in CTR mode. In this unique scenario where trick-or-treaters choose encryption modes, participants must obtain the encrypted flag together with the encryption of a plaintext they know, both produced with the same keystream, and combine them to reveal the flag. The Python script automates the attack by reconnecting until the server offers CTR mode, requesting the encryption of a known plaintext, and XORing the two ciphertexts with the known plaintext to strip the shared keystream and recover the original flag. This challenge effectively demonstrates the malleability of stream-cipher modes and the consequences of keystream reuse, underlining the importance of understanding encryption modes and making it an excellent introduction to practical cryptographic attacks.
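The keystream-reuse recovery the script performs, as an added offline example that is not part of the original post: a CTR-style keystream built from PRF(key, nonce || counter) blocks, where HMAC-SHA256 stands in for the AES block function (an assumption, so the example runs without pycryptodome), two messages encrypted under the same key and nonce, and the recovery of the unknown message from the known one. The key, nonce and flag value are constructed for the demo.

```python
import hmac
import hashlib

def ctr_keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """CTR keystream: PRF(key, nonce || counter) for counter = 0, 1, 2, ...
    HMAC-SHA256 is an assumed stand-in for the AES block function; the
    keystream structure (and the reuse problem) is the same as in AES-CTR."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def ctr_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Encryption and decryption are the same XOR with the keystream."""
    ks = ctr_keystream(key, nonce, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))

def recover_flag(flag_ct_hex: str, known_pt: bytes, known_ct_hex: str) -> str:
    """Given two ciphertexts made with the same key and nonce, one with a known
    plaintext, strip the shared keystream from the other and return the printable
    prefix of the unknown plaintext, cut at the first '}' if present."""
    flag_ct = bytes.fromhex(flag_ct_hex)
    known_ct = bytes.fromhex(known_ct_hex)
    # keystream = known_ct XOR known_pt; we only learn as many bytes as we know plaintext
    ks = bytes(c ^ p for c, p in zip(known_ct, known_pt))
    n = min(len(ks), len(flag_ct))
    recovered = bytes(c ^ k for c, k in zip(flag_ct[:n], ks[:n]))
    text = ""
    for b in recovered:
        if b < 32 or b > 126:
            break
        text += chr(b)
    if "}" in text:
        return text[: text.index("}") + 1]
    return text

if __name__ == "__main__":
    key, nonce = b"constructed-demo-key", b"fixed-nonce"   # constructed values
    flag = b"HTB{constructed_flag_for_demo}"                # constructed, not the real flag
    flag_ct = ctr_encrypt(key, nonce, flag).hex()
    known_pt = b"A" * len(flag)
    known_ct = ctr_encrypt(key, nonce, known_pt).hex()      # same key and nonce: fatal
    print(recover_flag(flag_ct, known_pt, known_ct))
```

With a fresh nonce per message the keystreams differ and the same recovery yields only garbage, which is why a CTR nonce must never repeat under one key.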

This post is licensed under CC BY 4.0 by the author.