Matrioshka

Hey all,

I could use some help on the Matrioshka challenge. I have tried the obvious try, and it fails miserably. Relevant documentation, challenge writeups, directions are more than welcome!


Comments

  • cdtcdt
    edited June 3

    I got a "GPG symmetrically encrypted data (AES cipher)" file from matrioshka4 and I have no idea if it is correct or what to do now. Any hint?

    Edit: Got it. It was just a little step.


  • I'm not getting any more progress after dumping the .png. Matrioshka3 shows an 'empty' zip file. What am I missing?

  • Same problem after .png file

  • You get some protected zip file after dumping the .png ... I had to work a bit on this file to be able to crack the password and get matrioshka3.zip


  • am solving the 3 layer, boi it just goes on
  • That was a quality challenge, difficult but not impossible. Don't forget your paste buffer has a limit.

  • @cdt said:

    You get some protected zip file after dumping the .png ... I had to work a bit on this file to be able to crack the password and get matrioshka3.zip

    Awesome hint ;)

  • Fun challenge !

  • I'm in the same boat as OP. Anyone available for a PM to get me headed in the right direction?

  • here is a hint:

    1g 0:00:00:00 DONE 2/3 (2019-06-08 11:41) 10.00g/s 411620p/s 411620c/s 411620C/s qwert2..shirley2
    Use the "--show" option to display all of the cracked passwords reliably
    Session completed

    do not use rockyou instead use the default one to get the 3rd zip

  • I got password to extract 3rd zip. But that zip contains a lot of small other zip files. In addition, the archive itself weighs 25KB and inside there is a 4.5GB file. Any nudge for that?

    If you need help with something, PM me how far you've got already and what you've tried. I won't respond to profile comments. And remember to +respect me if I helped you <3

  • @Kucharskov said:

    I got password to extract 3rd zip. But that zip contains a lot of small other zip files. In addition, the archive itself weighs 25KB and inside there is a 4.5GB file. Any nudge for that?

    Have you tried strings on it?

  • edited June 14
    Can someone share/offer a tip for this challenge? I tried all obvious: strings, exiftool, zipinfo, crack pass against rockyou - to name a few.

    EDIT: solved now :-) Happy to offer hints/advice - just PM
  • I extracted the zip from the png, then the next zip, then the 5 layers of smaller zips, and then... I got a 655Mb string of zeros...

    I'm pretty sure I must have overlooked something LOL

  • @cdt said:

    I got a "GPG symmetrically encrypted data (AES cipher)" file from matrioshka4 and I have no idea if it is correct or what to do now. Any hint?

    Edit: Got it. It was just a little step.

    Care to share a hint to that little step? I'm stuck after matrioshka4, just like you. Run out of ideas.

  • @M1ndCh41N said:

    @cdt said:

    I got a "GPG symmetrically encrypted data (AES cipher)" file from matrioshka4 and I have no idea if it is correct or what to do now. Any hint?

    Edit: Got it. It was just a little step.

    Care to share a hint to that little step? I'm stuck after matrioshka4, just like you. Run out of ideas.

    You need to get all strings of matrioshka4. The simplest command to get this is not enough.


  • For me the last step required moving from Kali to Windows
    because in Kali the required decryption tool does not work correctly.

    You need to get all strings of matrioshka4.
    The simplest command to get this is not enough.

    Fully agreed)

    tabacci

  • You need to get all strings of matrioshka4. The simplest command to get this is not enough.

    Got it!

  • Got it! Many new things to do, a few new tricks I learned. Amazing!
    PM me if you wanna help :)

    If you need help with something, PM me how far you've got already and what you've tried. I won't respond to profile comments. And remember to +respect me if I helped you <3

  • I got it!!!! Thanks @Kucharskov

  • When I run binwalk with the e switch to extract each file and go into the new folder after extracting, it's an infinite loop? Any help, guys?
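
    Added example (not part of any comment in this thread, and not the challenge's solution): two comments above describe a 25KB archive that claims a 4.5GB member and an extraction that recurses without end. The sketch below audits nested zips from their header metadata, with depth and size limits, before anything is inflated to disk. The limits, function names and in-memory sample are assumptions made for the illustration.

```python
import io
import zipfile

MAX_DEPTH = 8             # assumed cap on nesting depth
MAX_RATIO = 100           # assumed cap on uncompressed:compressed ratio
MAX_MEMBER = 64 * 2**20   # assumed cap on bytes inflated per member

def make_nested_sample(layers=3, payload=b"\0" * 2_000_000):
    """Constructed sample: a compressible payload wrapped in `layers` zips."""
    data, name = payload, "payload.bin"
    for i in range(layers):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
            zf.writestr(name, data)
        data, name = buf.getvalue(), f"layer{i}.zip"
    return data

def audit(blob, depth=0, path="<root>"):
    """Walk nested zips using header metadata; return (path, finding) pairs."""
    if depth >= MAX_DEPTH:
        return [(path, "depth limit reached")]
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            where = f"{path}/{info.filename}"
            ratio = info.file_size / max(info.compress_size, 1)
            if info.flag_bits & 0x1:              # bit 0 = encrypted member
                findings.append((where, "encrypted"))
            elif ratio > MAX_RATIO or info.file_size > MAX_MEMBER:
                # Report it from metadata alone; never inflate it.
                findings.append(
                    (where, f"suspicious: {info.file_size} bytes, {ratio:.0f}:1"))
            else:
                with zf.open(info) as fh:
                    inner = fh.read(MAX_MEMBER)   # bounded in-memory read
                if zipfile.is_zipfile(io.BytesIO(inner)):
                    findings.extend(audit(inner, depth + 1, where))
    return findings

if __name__ == "__main__":
    for where, finding in audit(make_nested_sample()):
        print(where, "->", finding)
```

    The declared sizes come from the archive's own headers, so the bounded read is what actually protects memory; the ratio check only decides what gets reported instead of opened.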

  • @waspy said:

    do not use rockyou instead use the default one to get the 3rd zip

    What default wordlist to use?

  • rockyou works as well


  • Got it, thanks to cdt and Kucharskov for the last part... A hint: don't overestimate your buffer...

  • @fuser said:

    @waspy said:

    do not use rockyou instead use the default one to get the 3rd zip

    What default wordlist to use?

    the default list from that very famous binary

  • Some hint for big hex in matr****** 4? I have all str***gs
  • This was quite interesting. Props to the creator very well done. Learnt a few things from this. The last bit stumped me but HTB has a great community!

  • Got it, thanks to all those that helped.
    If anyone needs a hint, you can PM me.

    Discord : secHaq#7121
    trigger

  • rockyou doesn't work. What default wordlist to use?
    famous binary wordlist?
    Any hint? thanks!!

  • @Nick said:

    rockyou doesn't work. What default wordlist to use?
    famous binary wordlist?
    Any hint? thanks!!

    use rockyou, if it works
