Cryptohorrific

2

Comments

  • mmm i found the flag and two string it seems one key and another one the iv. Try with openssl but not work show me the message 'chipther' not found ...

  • edited December 2018

    i create some script with all decode algorith
    openssl enc -nopad -nosalt -K xxxxxx -iv yyyyy-d -aes-128-cbc -A <<< **flag*

    openssl enc -nopad -nosalt -K xxxxxx -iv yyyyy -d -base64 -A <<< **flag*

    etc ... it is the right way ? but nothing nice...

  • edited December 2018

    but should I use some emulator?

  • doneeeeee! arghhhhh !!!

  • Hi!

    I've managed to obtain the data, key and IV but whatever I try, decrypting doesn't work. Anyone willing to help me out?

    center

  • edited January 2019

    @Center said:
    Hi!

    I've managed to obtain the data, key and IV but whatever I try, decrypting doesn't work. Anyone willing to help me out?

    I'm at the same spot. I'm not sure I have the correct KEY and IV. Both strings include symbols like "!" and "%"

    I also have what looks like a base64 encoded text... XTq+****== and I think its the encrypted text...

    Im using openssl but so far no clue.

    Deleite

  • I solved it.

    I would recommend to use this site:

    http://aes.online-domain-tools.com/

    And test with the values, VI might not be necessary.

    Deleite

  • edited January 2019

    IDA+AES

    Spiderixius

  • edited March 2019

    Just finished it after a week of wondering where I was going wrong. For anyone not using a mac to open the files, be careful what non-printable characters are present in the files and what they mean, chances are you have one thing wrong with your ciphertext.
    Happy to help through DM.

  • So I've managed to get the encrypted flag and what i think is the IV and Key, but when i run it through openssl I get more encrypted text as a result. If anyone has any tips on how to solve this or hints please PM me.

  • edited April 2019

    So finally completed this

  • can any one help me out??

  • I managed to solve the challenge thanks to some comments here, but I had to use some trial and error. Could anyone send me an PM pointing to where the encryption mode (CBC, ECB, CTR ...) is shown in the code?

  • @MrReh said:
    can any one help me out??

    Where are you at in the challenge? What did you manage to do?

  • Anyone able to send me a PM I feel I have everything i just need to confirm as I cant seem to get it working

  • Type your comment> @hudson96 said:

    Anyone able to send me a PM I feel I have everything i just need to confirm as I cant seem to get it working

    sure

    e-nigmaNL

  • solved, feel free to PM me

    m4nu

    Valiant, nothing is impossible.
    Lock by lock and one after the other is the key. You cannot open door number 9 until you have unlocked number 8.

  • To anyone who struggles to make sense of the IDA assembly code - I found this resource very useful:
    https://www.raywenderlich.com/615-assembly-register-calling-convention-tutorial

  • And this is a handy tool to play with decoding/decryption etc.:
    https://gchq.github.io/CyberChef

  • edited August 2019

    Hi guys, easy challenge. All you need is r2 (or Ida or Ghydra) and then something like Openssl or Cyberchef. Make sure to identify a certain function related to encryption (it's a staple for OSX binaries) and then its parameters. It's all pretty straightforward, so do not overthink. Finally, decode something and use the parameters to decrypt that something. Just make sure to decode the right thing, or you would get an error.

    Sociaslkas

  • edited September 2019

    Hey, I'm pretty sure I have all the data needed (ciphertext, key and IV) but it doesnt decrypt clear text...
    Can someone PM me to tell me whats wrong please ?

  • This challenge made me crazy, I have IV key and flag hash, but the flag hash should through hex after decoding may I have corrupted hash, please anyone have and idea PM me.

    N3v3r Giv3Up, 3v3ry th!ng !s p0ss!ble .

  • edited October 2019

    The struggle was real, first time I see plist files. I had the correct approach, key and IV in a couple minutes, then struggled for a full day because I was trying to decipher the wrong string.

    Finally, out of desperation, googling random substrings within the plist file led me to discover that plistutil exists.

  • Hello, I'm struggling with the decryption, I think I found everything that I need (The hash,IV and Key) but I always get the error "bad magic number".

    Can someone give me a nudge? Thanks in advice.

  • Hello everyone. I'm stuck in the decryption as well.

    1. Used plistutil to get flag
    2. Used IDA to get key, IV
    3. Decoded them into hex
    4. Testing out with AES using CyberChef

    I can't figure out what I'm missing or overlooking. I'd appreciate if someone could help me out.

  • The encrypted flag is in base64, you have to decode it before CyberChef phase, try all mode

    Hack The Box

  • Quite a nice one...! Thank you @bsecure for creating it.

    I think there are plenty of hints here already, but following from up @oct3t's hints, one thing I would also suggest is when you are trying to decrypt, make sure you understand what encoding you are using and what encoding the tool expects. Cooking this with the CyberChef makes it eeee-Zeeee.

  • Ok, got it now. Thank you !

  • Could anyone PM me, I know there's a lot of hints in here but I'm not entirely sure that I'm doing this correctly.

    Thx in advance :)

Sign In to comment.