Official HackyBird Discussion

htbapibothtbapibot
in Challenges

Official discussion thread for HackyBird. Please do not post any spoilers or big hints.

Comments

  • 0xczar0xczar
    edited December 2020

    Well....

    aimforthehead

  • wardrivewardrive

    Spoiler Removed

  • Ph03n1xr1535Ph03n1xr1535

    Any hints on this please...

    I am not sure what needs to be done exactly.. Do we need to find the window procedure for the "space" key event and modify something to win the game ?

  • DefaulTsDefaulTs

    This challenge is quite funny it was fun, pm if u need help ^^

  • ryancorryancor

    this challenge makes zero sense. for a 30 point challenge, it got extremely annoying

  • wardrivewardrive
    edited December 2020

    So I didn't actually realize I had posted a spoiler until after I had solved it, so I apologize.

    For a more generic hint:
    How would one normally cheat in a PC game that doesn't have hardcoded cheatcodes?
    How do you go about creating your own simple cheats?
    What's the "win" condition?

  • parrotsecurityparrotsecurity

    I run the exe in any run and it says that the exe is trojan when I put exe to virus total it says that the av recognize the exe as trojan the link https://www.virustotal.com/gui/file/7aa24d17cec7181c71a04b7a8279e420c30f7364acd8cc7ac351be63254071b0/detection

  • Baseizo7Baseizo7

    Also seeing the exe tagged as trojan. Perhaps HTB or creator could chime in?

  • femfyratrefemfyratre

    This challenge was not easy, like at all. I don't understand why it is listed in easy track.

    Anyway, after getting some hints and guessing some numbers, I was able to solve it. Very disappointed that I could not find some logical way to solve it, without guessing.

    I did lookup a writeup on GitHub just to find out that the solution was to "guess some numbers" and voilà, "we solved this challenge".

    I would love to see a proper walkthrough involving logical steps to solve such challenges.

  • socialkassocialkas

    Hi there, I just solved it without guessing any numbers. In fact, this is indeed an easy challenge, though I have to admit that I was a bit puzzled because I am not used to the old-fashioned Windows API calls.

    PM me if you want more details.

    Cheers!

    Sociaslkas

  • ezricisspezricissp
    edited January 17

    Type your comment> @parrotsecurity said:

    I run the exe in any run and it says that the exe is trojan when I put exe to virus total it says that the av recognize the exe as trojan the link https://www.virustotal.com/gui/file/7aa24d17cec7181c71a04b7a8279e420c30f7364acd8cc7ac351be63254071b0/detection

    Most likely a "false positive". HTB would be liable for distributing viruses. Note 38 engines think it's a Trojan while 33 engines say, it is OK. Run the challenge in a safe VM if in doubt

  • ezricisspezricissp

    @Baseizo7 said:
    Also seeing the exe tagged as trojan. Perhaps HTB or creator could chime in?

    Not creator but in this field there will be many false positives.

  • TazWakeTazWake

    @parrotsecurity said:

    I run the exe in any run and it says that the exe is trojan when I put exe to virus total it says that the av recognize the exe as trojan the link https://www.virustotal.com/gui/file/7aa24d17cec7181c71a04b7a8279e420c30f7364acd8cc7ac351be63254071b0/detection

    Good opportunity to look at how AV works and why its good to dig into the detection rather than assume the AV alert is legitimate.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • p4triap4tria

    Well, thats another challenge that can be brainfuck if you don't use a specific tool to Cheat in some games Engines...
    Hint: You need to guess wich number shows the flag; start for the most common ones

    Hack The Box

  • kazarskikazarski
    edited February 2

    Type your comment> @p4tria said:

    Well, thats another challenge that can be brainfuck if you don't use a specific tool to Cheat in some games Engines...
    Hint: You need to guess which number shows the flag; start for the most common ones

    I don't know if I understood what you meant in" the number that shows the flag", but I managed to find the win condition and win, and now all I am seeing is a screen with Chinese characters and the word Courier, am I missing something?

  • p4triap4tria

    Type your comment> @kazarski said:

    Type your comment> @p4tria said:

    Well, thats another challenge that can be brainfuck if you don't use a specific tool to Cheat in some games Engines...
    Hint: You need to guess which number shows the flag; start for the most common ones

    I don't know if I understood what you meant in" the number that shows the flag", but I managed to find the win condition and win, and now all I am seeing is a screen with Chinese characters and the word Courier, am I missing something?

    if you get some chinese chars maybe you scored to much...

    Hack The Box

  • davidlightmandavidlightman

    To anyone figuring out how to find "the number that shows the flag". Try to see who is accessing it.

  • SteanStean

    I won't spoil, which obvious tool I used for solving it, but at least I can give you the hint to not use the IDA debugger. I haven't figured out yet why it didn't work for me (as I would have expected that both tools do the same) but for some reason it just worked with another tool.

    My final approach: Just use a typical tool for such type of programs, find the correct address, use the built-on functionality to see the condition and then simply try to only just fulfill it (no guessing necessary) .

  • TesterGNTesterGN

    Finally got it. Not a classical reverse challenge. I have spent too much time with the wrong tools. The comments helped me to find it. Thanks, I have learned a new nice tool.

  • aelbaselaelbasel

    Type your comment> @kazarski said:

    Type your comment> @p4tria said:

    Well, thats another challenge that can be brainfuck if you don't use a specific tool to Cheat in some games Engines...
    Hint: You need to guess which number shows the flag; start for the most common ones

    I don't know if I understood what you meant in" the number that shows the flag", but I managed to find the win condition and win, and now all I am seeing is a screen with Chinese characters and the word Courier, am I missing something?

    same here, tried with two boxes already (win7 and win10), same results.

    any hints?

  • stxmp1stxmp1

    I was getting Asian letters for the longest time but I figured out why. Its a little bit stupid if im honest so ill warn this: editing the binary makes the file unstable. Try to avoid doing that ;). Feel free to pm me if you need any more hints and are getting the chinese.

Sign In to comment.