Keep Tryin



  • Solved! This was an amazing challenge, I've learned a lot.
    The second part required a little of effort to arrange "something" but it was worth it.

    If you need some help just PM me ;-)

    Hack The Box

    Message me with 1) Problem description 2) What did you try so far? 3) Your ideas about next steps

    If you appreciate my help, please give me +1 respect

  • What a great challenge! I ironically found the tool required after solving it. Initially gave up trying to find the tool and ended up watching a few DNS exfiltration videos on youtube which showed a few of the common encoding techniques used. I then used CyberChef with two recipes, tweaking a few of the characters to comply with base64 first, then piped that into the second one, which gave something obvious (and magical). Happy to give some nudges.

    • Understanding what the allowed characters are in both base64 and a domain name will help.
    • as will the 2nd encoding used

    Hack The Box

  • Type your comment> @GillesEstJaune said:

    If you don't feel like scripting, it is also possible to completely avoid it. It is possible to get the result by playing with the capture file, if you tweak it a little bit.

    I second this - there is an easier way to accomplish, no script needed.

  • Fun challenge :)

  • Any chance of a hint on the decoding section please?

  • Fun challenge, quite tricky to start but google and the hints here help a lot.

    My hint: Take your time to understand what is valid base64 and what isn't.

Sign In to comment.