HackTheBox SatelliteHijack
Explore the basics of cybersecurity in the SatelliteHijack Challenge on Hack The Box. This medium-level CTF introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
https://app.hackthebox.com/challenges/689
Description
The crew has located a dilapidated pre-war bunker. Deep within, a dusty control panel reveals that it was once used for communication with a low-orbit observation satellite. During the war, actors on all sides infiltrated and hacked each others systems and software, inserting backdoors to cripple or take control of critical machinery. It seems like this panel has been tampered with to prevent the control codes necessary to operate the satellite from being transmitted - can you recover the codes and take control of the satellite to locate enemy factions?
Exploitation
Reading the code, you see that it reads the env SAT_PROD_ENVIRONMENT,
and you can extract the memfrob bytearray with gdb if you set the env, but this time I will extract the array values “statically”.
memfrob XORs every byte with 42:
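# Read the shared library so the obfuscated constants can be sliced out by file offset.
with open('./library.so', 'rb') as f:
    data = f.read()

# Four 8-byte chunks of the obfuscated flag body.
flag_bytes = []
flag_bytes.extend(data[0x1223:0x122b])
flag_bytes.extend(data[0x122d:0x1235])
flag_bytes.extend(data[0x1241:0x1249])
flag_bytes.extend(data[0x124b:0x1253])

# The final byte sits on its own: find the byte that is ']' after XOR 42.
# It lands at index 32, and ']' ^ 32 == '}', the closing brace of the flag.
for addr in range(0x1253, 0x1270):
    b = data[addr]
    if (b ^ 42) == ord(']'):
        flag_bytes.append(b)
        break

# Undo memfrob (XOR 42), then undo the per-index XOR.
decoded = bytearray(b ^ 42 for b in flag_bytes)
for i in range(len(decoded)):
    decoded[i] ^= i

print("HTB{" + decoded.decode())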
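The same two XOR layers on constructed data, as an added example that is not part of the original writeup or the challenge binary. It assumes the 8-byte slices above are immediates of `movabs` instructions (an inference from the 2-byte gaps between slices, not something the page states); `SAMPLE`, `build_code` and the other helper names are hypothetical.

```python
# Added example on constructed data; nothing here is taken from library.so.
FROB = 42  # glibc memfrob() XORs every byte with 42
SAMPLE = b"c0nstruct3d_s4mpl3_c0d3}"  # constructed 24-byte plaintext

def obfuscate(plain: bytes) -> bytes:
    """XOR each byte with its index, then with 42 (the layers the script undoes)."""
    return bytes(b ^ (i & 0xFF) ^ FROB for i, b in enumerate(plain))

def deobfuscate(blob: bytes) -> bytes:
    """Inverse of obfuscate(); XOR is its own inverse, so the order is free."""
    return bytes(b ^ FROB ^ (i & 0xFF) for i, b in enumerate(blob))

def frobbed_terminator(index: int) -> int:
    """Raw byte a closing '}' has at a given index once both layers are applied."""
    return ord("}") ^ index ^ FROB

def build_code(blob: bytes) -> bytes:
    """Constructed stand-in for compiled code (assumed layout): every 8-byte
    chunk is loaded with movabs rax, imm64 and stored with mov [rbp-0x30], rax."""
    code = bytearray(b"\x55\x48\x89\xe5")  # push rbp; mov rbp, rsp
    for off in range(0, len(blob), 8):
        code += b"\x48\xb8" + blob[off:off + 8] + b"\x48\x89\x45\xd0"
    return bytes(code) + b"\xc3"  # ret

def extract_imm64(code: bytes) -> bytes:
    """Collect imm64 operands of REX.W + B8+r (movabs r64, imm64), skipping each
    operand after a hit so bytes inside an immediate are never re-matched."""
    out, i = bytearray(), 0
    while i + 10 <= len(code):
        if code[i] == 0x48 and 0xB8 <= code[i + 1] <= 0xBF:
            out += code[i + 2:i + 10]
            i += 10
        else:
            i += 1
    return bytes(out)

def recover(code: bytes) -> bytes:
    """Static recovery: pull the immediates out of the code, then strip both layers."""
    return deobfuscate(extract_imm64(code))

if __name__ == "__main__":
    print(recover(build_code(obfuscate(SAMPLE))).decode())
```

A linear byte scan like this can still match a `48 B8` pair that is not an instruction start; on a real binary, a disassembler gives the operand offsets without that ambiguity.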
Summary
The SatelliteHijack Challenge on Hack The Box is a medium-difficulty reversing task where participants use GDB to extract obfuscated bytes and apply memfrob plus XOR to recover satellite control codes, demonstrating how trivial XOR obfuscation can be undone through precise reverse-engineering.