Cryptohorrific

I am new to app development in the Apple ecosystem as well as the usage of Xcode, thus unable to explain many things provided in the file.

I do see some useful .plist files that contain valuable information yet unable to decode it, possibly because there's more encryption behind it.

Also the issue with the image being compressed and unable to view.

Do I need an iPhone to win this challenge? Or are the files provided sufficient?

Please provide me with some advice =)


Comments

  • @LeDeceiver said:
    I am new to app development in the Apple ecosystem as well as the usage of Xcode, thus unable to explain many things provided in the file.

    I do see some useful .plist files that contain valuable information yet unable to decode it, possibly because there's more encryption behind it.

    Also the issue with the image being compressed and unable to view.

    Do I need an iPhone to win this challenge? Or are the files provided sufficient?

    Please provide me with some advice =)

    We wouldn't release anything that requires an actual non-free device in order to solve ;)

    Hack The Box

  • Good luck, my friend. I'm stuck on this challenge as well. My lack of RE skill shines bright on this one.

  • edited June 2018

    I have identified the file I need to focus on within the app bundle.
    I took the right steps to unveil the relevant data in ASCII format.

    Now I am left with an encoded flag, but despite trying rearranging the data, chaining decoding algorithms, replacing specific bits, the string I am working with does not comply with base64 and cannot be decoded (it decodes as garbage).

    I have also considered the "id" and "title" keys as hints, without luck.

    What am I missing?

    -=> I DO NOT REPLY TO PRIVATE MESSAGES <=-

  • edited June 2018

    SPOILER

  • edited June 2018

    @KouPreY said:
    SPOILER

    You are almost done, keep trying. IV and KEY should sound familiar.

  • I got it. Actually, it doesn't need much knowledge of RE. However, I found out that a decompiler helped me a lot for this challenge.

  • I've been working on this one and have hit a wall with what to do next. I've found the file of interest with the flag and decompiled with IDA, but all of the decryption tools I've tried aren't working. Any hints would be lovely.

  • Crypto and iOS means that there is the CCCrypto framework in the mix.
    I read the documentation for it and tried to decrypt the string using a key, an initialisation vector (where needed), and then I tried to use every single cipher from AES down to RC2 without any luck.

    Is the flag ready or does it need to be fixed first? As I see that it is not a proper base64 as it is.

    -=> I DO NOT REPLY TO PRIVATE MESSAGES <=-

  • I've gone through and looked up what the file extensions do as far as what the file types are, converted all files from hex, and checked most for base64 encoding.

    I'm not quite sure where to go from here. Does this challenge require IDA, OllyDbg, or Radare? Is this something I need to be running in a specific OS or environment?

    I'm very new to Reverse Engineering and I'm not sure where to go from here, what's standard and what's not, and how to proceed.

    Any guidance or nudges would be appreciated!

    Arrexel

  • Basic Reverse Engineering is enough.

  • @eks I've searched a lot and all the ways that are possible for app decryption need either an iOS phone or a Mac, which many people may not have. Is there a real free alternative?

    @kouPrey which decompiler did you use?

  • @danymogh you can try IDA or Hopper.

  • Could I get a PM on this challenge? I've found the pieces but am unsure of how to break the flag. I have an idea of what things are but don't want to post spoilers, and really want to understand this challenge.

    Arrexel

  • @danymogh said:
    @eks I've searched a lot and all the ways that are possible for app decryption need either an iOS phone or a Mac, which many people may not have. Is there a real free alternative?

    If you researched a lot, then you did not research right... As I mentioned before, it doesn't require an iOS device or macOS. We wouldn't release it if it did.

    Hack The Box

  • @KouPrey
    I tried both but it seems the program is encrypted. Any tip on how to decrypt it?

  • @danymogh you do not need to read the whole program. You only need to find the value/text you need to decrypt the cipher text.

  • Got a base64 look alike flag but decrypting produces gibberish, tried decrypting in ASCII too but the same result

  • @Afolic said:
    Got a base64 look alike flag but decrypting produces gibberish, tried decrypting in ASCII too but the same result

    To get this challenge you will have to look into how the app is handling the base64 string and what goes into that string. See @ShingoTamai comment above for an idea on where to begin your search. There are a couple free tools you can download to do this. Some more helpful than others depending on the options they offer.

    For anyone needing a nudge feel free to PM.

    Arrexel

  • To answer my own question: the base64 encoded flag that can be found in the application does not need to be pre-processed before it can be passed to a decryption tool.

    For the rest, IDA is your friend.

    -=> I DO NOT REPLY TO PRIVATE MESSAGES <=-

  • @ShingoTamai said:
    To answer my own question: the base64 encoded flag that can be found in the application does not need to be pre-processed before it can be passed to a decryption tool.

    For the rest, IDA is your friend.

    I need some hints. I am stuck on this challenge. I found some data called hash, challenge, flag, initWithBase64EncodedString_options_. Am I on the right way?

  • edited July 2018

    @s10suzdongu said:

    @ShingoTamai said:
    To answer my own question: the base64 encoded flag that can be found in the application does not need to be pre-processed before it can be passed to a decryption tool.

    For the rest, IDA is your friend.

    I need some hints. I am stuck on this challenge. I found some data called hash, challenge, flag, initWithBase64EncodedString_options_. Am I on the right way?

    You need to find the key and the IV needed for the decryption of the base64 encoded string contained within the .plist file.

    -=> I DO NOT REPLY TO PRIVATE MESSAGES <=-

  • @s10suzdongu said:

    @ShingoTamai said:
    To answer my own question: the base64 encoded flag that can be found in the application does not need to be pre-processed before it can be passed to a decryption tool.

    For the rest, IDA is your friend.

    I need some hints. I am stuck on this challenge. I found some data called hash, challenge, flag, initWithBase64EncodedString_options_. Am I on the right way?

    Look into what was used to create the string you'll be trying to break down. Understanding how that string was created and the parts it used will really help you in what you need to do to break that string down, and will make the process much faster.

    Happy hunting!

    Arrexel

  • Similar to s10suzdongu, I have found the data within IDA. There are 2 weird strings which I believe are important, but I am unable to utilise them. These strings are called into the key and iv function and contain special characters. Could anyone give me a hint?

  • edited July 2018

    Oh got it... SPOILER

  • Anyone else having issues with running IDA64 on Ubuntu?

  • edited August 2018

    Never mind, needed to launch from the terminal.

  • edited September 2018

    Please no more PMs. They do not bring "enrichment" / "enlightenment" to everybody.

    I don't know if this is considered a spoiler, however, for this and similar challenges, openssl can be used to decode ciphertexts.

    This is the generic syntax to use, to be adjusted to your needs:

    echo ciphertext | openssl enc -d cipher -K KeyInHex -iv IVinHex -nopad -nosalt -base64

    Run "man enc" for additional options and details.

    -=> I DO NOT REPLY TO PRIVATE MESSAGES <=-
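
The openssl syntax from the post above, worked through as an added example that is not part of the original thread. The plaintext, key, IV and the choice of AES-128-CBC are constructed assumptions, not values from the challenge; openssl takes the cipher as an option such as `-aes-128-cbc`.

```shell
#!/bin/sh
# Added example. All values are constructed for the demo, not taken from the challenge.
PLAINTEXT='constructed-demo-flag'   # 21 bytes
KEY_ASCII='0123456789abcdef'        # 16 characters = 16 raw key bytes (AES-128)
IV_ASCII='fedcba9876543210'         # 16 characters = one AES block
CIPHER='-aes-128-cbc'               # assumed cipher; replace with the one the code uses

# -K and -iv take the hex digits of the raw bytes, so text must be converted first.
to_hex() {
    printf '%s' "$1" | od -An -v -tx1 | tr -d ' \n'
}

# Encrypt stdin and emit single-line base64 (-A), as it would sit in a config file.
encrypt_b64() {
    openssl enc -e "$CIPHER" -K "$(to_hex "$KEY_ASCII")" -iv "$(to_hex "$IV_ASCII")" -base64 -A
}

# Decrypt a base64 string; the default PKCS#7 unpadding strips the padding bytes.
decrypt_b64() {
    printf '%s\n' "$1" | openssl enc -d "$CIPHER" \
        -K "$(to_hex "$KEY_ASCII")" -iv "$(to_hex "$IV_ASCII")" -nosalt -base64 -A
}

# Same with -nopad, shown as hex: the padding bytes stay at the end of the output.
decrypt_b64_nopad_hex() {
    printf '%s\n' "$1" | openssl enc -d "$CIPHER" \
        -K "$(to_hex "$KEY_ASCII")" -iv "$(to_hex "$IV_ASCII")" -nopad -nosalt -base64 -A |
        od -An -v -tx1 | tr -d ' \n'
}

# Mistake to recognise: the text itself passed to -K/-iv is read as (short) hex,
# so a different key is used and the result is an error or garbage.
decrypt_b64_text_as_hex() {
    printf '%s\n' "$1" | openssl enc -d "$CIPHER" \
        -K "$KEY_ASCII" -iv "$IV_ASCII" -nosalt -base64 -A 2>/dev/null
}

CT=$(printf '%s' "$PLAINTEXT" | encrypt_b64)
echo "ciphertext (base64): $CT"
echo "decrypted:           $(decrypt_b64 "$CT")"
echo "decrypted, -nopad:   $(decrypt_b64_nopad_hex "$CT")"
```

With `-nopad` the 21-byte plaintext comes back as 32 bytes, the last 11 being the PKCS#7 padding value 0x0b.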

  • I have a pretty good understanding on how the code works. I've managed to get the base64 string, the IV and the KEY. I understand the IV and KEY should be in hex format. Yet I can't seem to decrypt it (openssl). Am I overlooking something? Feel free to PM me any hints.

  • @MrProxx said:
    I have a pretty good understanding on how the code works. I've managed to get the base64 string, the IV and the KEY. I understand the IV and KEY should be in hex format. Yet I can't seem to decrypt it (openssl). Am I overlooking something? Feel free to PM me any hints.

    You are, probably. The data you have is all you need to complete this challenge. @ShingoTamai already gave the ultimate hint.

    Hack The Box

  • Which one is the key? I have found several keys; I am guessing there are like 20+ possible keys. How do you differentiate which one is the correct key?
