Quite a nice one…! Thank you @bsecure for creating it.
I think there are plenty of hints here already, but following up from @oct3t’s hints, one thing I would also suggest is when you are trying to decrypt, make sure you understand what encoding you are using and what encoding the tool expects. Cooking this with the CyberChef makes it eeee-Zeeee.
As an iOS Developer and hobbyist Hackthebox solver - this was really fun! Felt like home, wrote a short Playground file in Xcode to decode the flag and voila
I can’t figure out what I’m missing or overlooking. I’d appreciate if someone could help me out.
I’m using Kali Linux… trying to figure this challenge out… having trouble figuring out how to use plistutil… I did some searches and installed the libplist-utils package and libplist3, and attempted to use the same commands I found on those sites, but no matter what I type, I get “command not found” whether sudo or not.
I’m not understanding how to actually view the plist files?? Any help would be appreciated
So I’ve used IDA and Ghidra to try and reverse the key and IV but to no avail. My reversing skills are a little rusty if not nonexistent. Would love a little nudge in the right direction to find them. I already know the algorithm used to hash everything just from these two bits of information.
I already did find an interesting function but not sure there is anything in there: SecretManager:key:iv:data
I managed to solve the challenge thanks to some comments here, but I had to use some trial and error. Could anyone send me a PM pointing to where the encryption mode (CBC, ECB, CTR …) is shown in the code?
rabin2 -i
It shows some interesting function names; one of them is the standard provided by Apple in order to help with encryption stuff.
The default mode is CBC, but a little further research reveals that something is not properly implemented and it could result in ECB, where the IV is not actually relevant.
If the IV is not provided, it will be initialized to all zeroes by default.
I didn’t know about that and I’m not very involved in the mobile apps environment, so I can say that this chall taught me something new, as well as forcing me to look at some RE.
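The mode and IV behaviour described in the post above, as an added example that is not part of the original thread or of the challenge's code. It assumes the Apple-provided function the post refers to is CommonCrypto's `CCCrypt`; `aesEncrypt` is a hypothetical helper, and the key, IVs and message are constructed sample values.

```swift
import Foundation
import CommonCrypto

// Hypothetical helper (added example): AES-128 encryption through CCCrypt.
// `options` and `iv` are passed through unchanged so their effect is visible.
func aesEncrypt(_ plaintext: Data, key: Data, iv: Data?, options: Int) -> Data? {
    precondition(key.count == kCCKeySizeAES128, "AES-128 key must be 16 bytes")
    precondition(iv == nil || iv!.count == kCCBlockSizeAES128, "IV must be one block")
    let keyBytes = [UInt8](key)
    let input = [UInt8](plaintext)
    var out = [UInt8](repeating: 0, count: input.count + kCCBlockSizeAES128)
    var moved = 0

    // A nil ivPtr reaches CCCrypt as a NULL IV argument.
    func run(_ ivPtr: UnsafeRawPointer?) -> CCCryptorStatus {
        CCCrypt(CCOperation(kCCEncrypt), CCAlgorithm(kCCAlgorithmAES), CCOptions(options),
                keyBytes, keyBytes.count, ivPtr,
                input, input.count, &out, out.count, &moved)
    }
    let status: CCCryptorStatus
    if let iv = iv {
        status = [UInt8](iv).withUnsafeBytes { run($0.baseAddress) }
    } else {
        status = run(nil)
    }
    guard status == CCCryptorStatus(kCCSuccess) else { return nil }
    return Data(out[0..<moved])
}

// Constructed sample values, not taken from the challenge.
let key = Data("0123456789abcdef".utf8)
let ivA = Data(repeating: 0x41, count: kCCBlockSizeAES128)
let ivB = Data(repeating: 0x42, count: kCCBlockSizeAES128)
let zeroIV = Data(count: kCCBlockSizeAES128)
let msg = Data(repeating: 0x58, count: 2 * kCCBlockSizeAES128) // two identical blocks

let cbc = kCCOptionPKCS7Padding                      // no ECB bit set: CBC
let ecb = kCCOptionPKCS7Padding | kCCOptionECBMode   // ECB bit set

func enc(_ iv: Data?, _ options: Int) -> Data {
    aesEncrypt(msg, key: key, iv: iv, options: options)!
}

// Each line compares two ciphertexts produced with the same key and message.
print("ECB with IV A == ECB with IV B:", enc(ivA, ecb) == enc(ivB, ecb))
print("CBC with IV A == CBC with IV B:", enc(ivA, cbc) == enc(ivB, cbc))
print("CBC with nil IV == CBC with zero IV:", enc(nil, cbc) == enc(zeroIV, cbc))
let e = enc(nil, ecb)
print("ECB block 1 == ECB block 2:", e.subdata(in: 0..<16) == e.subdata(in: 16..<32))
```

When reviewing an app, the options argument and whether the IV argument can be NULL are the two things to check at each `CCCrypt` call site.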