Cryptohorrific

13»

Comments

  • edited December 2019

    Alright, never mind I found it after a couple of weeks try :D

    Feel free to PM me if u have any questions :)

  • STYSTY
    edited December 2019

    As an iOS Developer and hobbyist Hackthebox solver - this was really fun! Felt like home, wrote a short Playground file in Xcode to decode the flag and voila 😁

  • Fun challenge. A bit of trial and error in the end. I used Ghidra for finding some of the stuff you need :)

    Hack The Box

  • ahh finally. forum helped lot. also cyberchef gives all for the output of IDP

  • I really were on another long bath before I read all comments here .. thank you all, and ofcourse a lot of thank to the creator .. I have learn a lot

    Drxxx
    I wouldn't mind some +respect if I helped you ;)

  • got the flag, id and title, decrypt the flag first to base64, then aes that with title-key-iv, I would appreciate some light :blush:

    shaswata56
    ** Life is simple, we make it complex just out of curiosity **

  • Type your comment> @oct3t said:

    Hello everyone. I'm stuck in the decryption as well.

    1. Used plistutil to get flag
    2. Used IDA to get key, IV
    3. Decoded them into hex
    4. Testing out with AES using CyberChef

    I can't figure out what I'm missing or overlooking. I'd appreciate if someone could help me out.

    Im using Kali Linux... trying to figure this challenge out.. having trouble figuring out how to use plistutil... I did some searches and installed the libplist-utils package and libplist3, and attempted to use the same commands i found on those sites, but no matter what i type, I get "command not found" whether sudo or not.

    I'm not understanding how to actually view the plist files?? Any help would be appreciated

    (using kali Linux)

  • any hint so i can reverse and get the k** and *v ? that's what remains to me

  • Type your comment

  • anybody got a hint
    like please the last part is killing me

  • @quantumtheory said:
    Type your comment> @oct3t said:

    Hello everyone. I'm stuck in the decryption as well.

    1. Used plistutil to get flag
    2. Used IDA to get key, IV
    3. Decoded them into hex
    4. Testing out with AES using CyberChef

    I can't figure out what I'm missing or overlooking. I'd appreciate if someone could help me out.

    Im using Kali Linux... trying to figure this challenge out.. having trouble figuring out how to use plistutil... I did some searches and installed the libplist-utils package and libplist3, and attempted to use the same commands i found on those sites, but no matter what i type, I get "command not found" whether sudo or not.

    I'm not understanding how to actually view the plist files?? Any help would be appreciated

    (using kali Linux)

    cd ./that directory
    plistutil -i challenge.plist

  • cool chalenge :)
    i used ghidra to find useful strings , idk why i cant see them on ida :/
    pm me for nudges :)


    Hack The Box

    You can pm me on discord sh4d0wless#6154

  • So I've used IDA and ghidra to try and reverse the key and iv but to no avail. My reversing skills are a little rusty if not none existent. Would love a little nudge in the right direction to find them. I already know the algorithm used to hash everything just from these two bits of information.

    I already did find an interesting function but not sure there is anything in there: SecretManager:key:iv:data

  • Type your comment> @bananabr said:

    I managed to solve the challenge thanks to some comments here, but I had to use some trial and error. Could anyone send me an PM pointing to where the encryption mode (CBC, ECB, CTR ...) is shown in the code?

    rabin2 -i
    it shows some interesting function names, one of them is the standard provided by Apple in order to help with encryption stuffs.

    The default mode is CBC, but some little further research reveal that something is not properly implemented and it could results in ECB where the IV is not actually relevant.
    If the IV is not provided, it will be inizialyzed to all zeroes by default.

    I didn't know about that and I'm not very involved in mobile apps envirorment, so I can say that this chall teach me something new, as well as forcing me to look at some RE.

  • Hi guys,

    At the moment i have the flag and the key ... But i need some help to decrypt this flag

Sign In to comment.