Obscure Challenge

@artikrh amazing challenge… man, I had a blast going through this, getting stuck, then realizing something and getting unstuck… Very nice! Well done!

As a general tip, if you manage to decode the attacker’s commands, try to research a bit the file type and see how you can ‘open’ it :slight_smile: … there’s no need to ‘extract’ it somehow, you’ll just see it there if you managed to get to that point.

Type your comment> @nkhan95 said:

Hey guys. I managed to decode the commands but unable to extract k**x file. Can anyone please give me nudge? Thanks in advance

Finally… :slight_smile: thanks for the hint Z3nn but I didn’t fount way to see the contents of k**x file without extracting it and cracking its pw.

I dropped you a message :stuck_out_tongue: hope it helps… regarding what you said here, maybe that’s part of the whole process :smiley:

Amazing i learn a lot!

Really cool challenge, I liked it alot! :slight_smile:

Great-Great-Great-Great-Great… Challenge!!! :slight_smile:

:blush: great and intresting one XP…
feel free to pm me…

tnx @artikrh for this kinda challange it was great… <3

It was fun, thanks to @artikrh for this challenge

Really enjoy with this challenge. thanks @artikrh for this amazing challenge… Got it feel free to PM me

This challenge was so much fun! Thanks so much to @artikrh!
One of the best so far of all categories! Congrats!
and i noted your easter egg ahahaha, good luck and keep your work :wink:
I just needed a little help on decoding the commands and thanks @m4nu for helping me out on that!
When you get that is easy… Unlikely other challenges, in this one you have to use brute force to finish it.
Hope this will not spoil so much and goodluck. :slight_smile:

Can anyone help me out? I feel like I’m at the very end… I deobfuscated, I get to the last bit, I get p***.***x, but it’s only 78 bytes after I manipulate it, and my “friend” says it has an invalid file signature. If someone wants to PM me I can show what I have.

1 Like

Hello, I need help with this.
Ok, my php is readable.
I found the Ip of the hacker, but now I don’t know what I need do.
I tried run the php file, not successful

I had a lot of fun with this challenge. from the first to the last step.
It was neither difficult nor too easy.
Thank you @artikrh well done!

@Anoraks said:
Hello, I need help with this.
Ok, my php is readable.
I found the Ip of the hacker, but now I don’t know what I need do.
I tried run the php file, not successful

you’re in the right path.
Once you understand how the script works, you have to feed him some data.
Look at the pcap and follow the flow.
Finally you have to force the last step, simple and well known list is enough as usual.

I have done everything that needs to be done in this challenge and still don’t have the flag, so if anyone can pm to tell me what am I missing I would be grateful.

I cracked the h**h, and unsure where to go from here, anyone able to point me in the right direction?

Very cool challenge, longer than some boxes !!

This was the most rewarding HTB challenge I’ve completed. Partially due to learning new skills but also to the lack of concrete hints. It was really fun dissecting exactly what was going on.

Type your comment> @Paradoxxs said:

I cracked the h**h, and unsure where to go from here, anyone able to point me in the right direction?

well better try it on the k##x file
john is your best friend, well maybe other prefer hc. but i found it was actually simple than it seems…