Challenge: Kryptic Ransomware

I just don't get it - any thoughts?
nudges appreciated!

«13

Comments

  • come on.... it has not even started yet....

  • edited January 24

    but never mind.....any nudges appreciated.... for me too .... (as soon as this challenge has been published)... ... ... ;)

  • edited January 24

    Am I missing something obvious? The only thing I see that could be dug into is a parked domain.
    E: Got very basic leads, but not sure what's in scope...

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • Tried tracing the domain's IP but coordinates wouldn't work...

  • I have tried like 3 or 4 different coordinates from various ways, nothing works...

  • edited January 24

    Currently stuck..
    Tried the GPS coordinates (in DMS format) for city in europe and the building (not in europe) for the big event the leader tweeted about.. Anyone got a nudge if I'm barking up the wrong tree or if I'm getting closer?

  • edited January 24

    Done with one hint. Hardest part for me is calulating correct DMS format.
    At first i tough: whois creating that strange challenges?
    Then i sang a song with bird and cat ;)

    As always we can bruteforce that challenge with two nested for's loop from 0 to 90 with 0.000001 step. Its only 90 000 000 * 90 000 000 attempts. Easy ;)

    If you need help with something, PM me how far you've got already and what you've tried. I won't respond to profile comments. And remember to +respect me if I helped you <3

  • Owned, thanks to @Kucharskov for keeping me in the right direction

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • I found the position but when i get "Sattelite is repositioning..."
    Is this a bug or the challenge is not over yet lol ?

  • @LukuRajad said:

    I found the position but when i get "Sattelite is repositioning..."

    The website is basically a wrapper for AES decryption, using your coords as the key. That error means that there was an error during decryption. Your coords/format is wrong

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • i guess challenge got broken.
    pm'ed author

  • Found some interesting

    WHOIS records

    but got stuck after that. The coords linked to those weren't correct so I must be barking up the wrong tree. Time to try harder.

    Hack The Box

  • edited February 8

    Done.
    But now its challenge dont work how it must do.
    We can't finish this challenge without help now.
    If you need help pm me.

    Arrexel

  • edited February 9

    Yeah, the challenge looks broken now for the first step. I solved it a few days ago but when trying to help someone just now, I saw the information has changed now and I don't think one can get past the first step without help. Needs to be fixed.

  • The first step is indeed broken, send me a PM if you need help.

    Hack The Box

  • Finally got this... thanks to @roaldnefs for the first hint(which is now gone) and the nudge

  • Any updates? is it still broken?

  • Done.
    Thank you @roaldnefs for sending me the right information after it got broken.
    That was really fun.

    Hack The Box

  • edited February 16

    After PM'ing @roaldnefs, I believe I was already past the "broken" part and got the required info. Now I just need to dig deeper for more information I guess. Will update if I manage to get further or solve the challenge.

    For now my tips would be:
    don't rely on WHOIS, as that got changed.
    remember it's an OSINT challenge.

  • edited February 17

    Got it, only thing I would say is follow the handle :) First step is fixed.

    godylocks

    If you like my advice, please give me some respect! Thanks!
    Message me on discord: godylocks#5721

  • edited February 18

    @roaldnefs helped me with the correct info for first step (which as @godylocks says is now fixed). but then got completely stuck on the next stage. i've tried several locations for different events, etc but sounds like i'm not at the location stage yet anyway.. is it obvious when you find the correct place? i noticed that if i search an address on google maps then the co-ords change depending on my level of zoom.

    daverules

  • I am in the same boat @daverules. I've searched for the coordinates of those events but none of them are working. We must be ignoring something important. Thanks to @roaldnefs for the help.

  • Struggling around the first step I think, a nudge would be appreciated.

  • Type your comment> @m4rchy said:

    Struggling around the first step I think, a nudge would be appreciated.

    same. not sure if the first step is still broken or what...

  • Just checked the previously broken part and it seems fixed again. Don't forget that it's an OSINT challenge.

    Hack The Box

  • Thanks to @roaldnefs for the nudge. Respect given on the main HTB page. Pointed me in a direction I hadn’t thought of

  • @godylocks I have found coords, when I place them in Zeus satellite I get "Sattelite is repositioning...", I think I have the right ones since any other input just throws a "None was found at that location...", I don't know if it's broken or if I have wrong coords, any help would be appreciated.

  • edited February 26

    I think I have found the right place.

    "There is no place like 127.0.0.1 !"

    But I can't get the coords working on the Zeus page.

  • edited February 26

    Am I missing something? There seems to be nothing indicating any kind of domain to actually investigate.

    EDIT: No clue how I missed that.

Sign In to comment.