Post

HackTheBox fs0ciety Challenge

Posted
By x3ric
1 min read

Explore the basics of cybersecurity in the fs0ciety Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

https://app.hackthebox.com/challenges/20

Description

We believe that there is an SSH Password inside password protected ‘ZIP’ folder. Can you crack the ‘ZIP’ folder and get the SSH password?

Exploitation

1
2
3
4

zip2john fsociety.zip > fsociety.hash
john --wordlist=/usr/share/dict/rockyou.txt fsociety.hash
john --show fsociety.hash
unzip fsociety.zip

zip password justdoit

1

echo 'MDExMDEwMDEgMDExMDAxMTAgMDEwMTExMTEgMDExMTEwMDEgMDAxMTAwMDAgMDExMTAxMDEgMDEwMTExMTEgMDExMDAwMTEgMDEwMDAwMDAgMDExMDExMTAgMDEwMTExMTEgMDAxMDAxMDAgMDExMDExMDEgMDAxMTAwMTEgMDExMDExMDAgMDExMDExMDAgMDEwMTExMTEgMDExMTAxMTEgMDExMDEwMDAgMDEwMDAwMDAgMDExMTAxMDAgMDEwMTExMTEgMDExMTAxMDAgMDExMDEwMDAgMDAxMTAwMTEgMDEwMTExMTEgMDExMTAwMTAgMDAxMTAwMDAgMDExMDAwMTEgMDExMDEwMTEgMDEwMTExMTEgMDExMDEwMDEgMDExMTAwMTEgMDEwMTExMTEgMDExMDAwMTEgMDAxMTAwMDAgMDAxMTAwMDAgMDExMDEwMTEgMDExMDEwMDEgMDExMDExMTAgMDExMDAxMTE=' | base64 -d

1
2
3
4

binary_data = "01101001 01100110 01011111 01111001 00110000 01110101 01011111 01100011 01000000 01101110 01011111 00100100 01101101 00110011 01101100 01101100 01011111 01110111 01101000 01000000 01110100 01011111 01110100 01101000 00110011 01011111 01110010 00110000 01100011 01101011 01011111 01101001 01110011 01011111 01100011 00110000 00110000 01101011 01101001 01101110 01100111"
binary_values = binary_data.split()
ascii_output = ''.join([chr(int(b, 2)) for b in binary_values])
print('HTB{'+ascii_output+'}')

Summary

The fs0ciety Challenge on Hack The Box is an easy-level challenge that focuses on ZIP file password cracking and binary-to-text decoding. Participants extract an SSH password by brute-forcing a ZIP archive using zip2john and john, then decode a binary-encoded message to reveal the final flag. This challenge is a great introduction to password cracking, file extraction, and binary analysis, making it ideal for beginners in cybersecurity.

challenge
htb challenge writeup linux misc
This post is licensed under CC BY 4.0 by the author.