Explore the basics of cybersecurity in the Que Onda Challenge on Hack The Box. This very-easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

https://app.hackthebox.com/challenges/821

Description#

Que onda! Welcome to the festival of Pwn! This is a small guide to help you continue your journey, follow the instructions in README.txt

Exploitation#

#!/usr/bin/python3
from pwn import *

def get_process():
    try:
        host, port = sys.argv[1].split(':')
        return remote(host, int(port))
    except IndexError:
        print(f'Usage: python {sys.argv[0]} <ip:port>')
        exit(1)

p = get_process()
p.sendline(b'flag')
response = p.recvall().decode('utf-8', errors='ignore')
p.close()
flag = re.search(r'HTB\{.*?\}', response)
if flag:
    print(flag.group(0))
else:
    print("Flag not found")

Summary#

Que Onda on Hack The Box involves basic binary exploitation with a secure binary setup: Full RELRO, Stack Canary, NX, and PIE are enabled. The task is straightforward—send the string "flag" to the program to retrieve the flag.