Mission Impossible

Hi mates,

Can someone of the 12 solvers of Mission Impossible contact me by DM to ask a question?

I have already solved the first part, but I am finding problems in solving the second.

Very much appreciated!!!
Best regards :)



  • hey bro..

    Hack The Box

  • Same here. Got the first part and already have done some coding for the second but now I'm stuck a bit. Don't want to spoil here too much. Could someone PM me, please? A hint is much appreciated :)


  • edited November 2018

    Working on the second part of this as well. I think I know the attack method based on the name dropped in the initial decoded message and the error message the server gives when your "something" is incorrect.

    Edit: Got it. I was correct about the attack method. Just had to use a different library. ;)

    404 Friend Not Found

  • I have no clue about how to even start with this challenge, anyone want to help me with a first push? Aiming to finish up these crypto challenges but I don't even see how I would use this one huge number, assuming it is a number.

  • Hi, I'm on the second part of the challenge. I'm pretty sure about the method, but probably I'm doing something wrong.

    The method takes "some time"... and the web service gets always closed after a while...

    It is normal that the attack takes so long (and in this case how can I prevent the server for closing?) or I'm doing something wrong?



  • Did it, there was a bug in my script. It took some time anyway, but session was on enough to solve it.


  • I need serious help with this, I don't know how to do the first bit

  • edited April 2019

    Anyone willing to share a hint on the first bit? Idea it is a xor encryption. Decrypting by trying to guess the first header and then guessing the rest of the content slowly while building a key - but it doesn't seem to work with common headers

    EDIT: Almost. Finally got the first bit.

  • I've tried a bunch of different things on the initial message and nothing seems to coming out of it. Would someone mind DM'ing me a hint? Not even the direct answer, but just a rough directly would be appreciated!

  • This seems to be one of the toughest challenges ever...as the name says though...

  • edited September 2019

    To anyone who solved the last part: How long did it take to decrypt the message? Oh man, it's so slow...

    EDIT: Finally got it. 19077 queries. OMG. I loved this challenge.

  • I could really use a push on the first part of this challenge. The usual methods don't seem to work.

  • i have literally no idea of how to start the challenge, can smb DM me on how to start. I'll rly appreciate it

  • Type your comment> @Ugi said:

    I could really use a push on the first part of this challenge. The usual methods don't seem to work.

    I used a very basic, usual method for the first part. Consider all possible ways of analyzing the ciphertext.

  • I can't decode the message file. Can someone give any clue?

  • Really liked this challenge. Techniques for both parts were new for me and I learned lots, although I lost my weekend :)

    Click here for HTB Profile: You are welcome to contact me for a nudge, but if I help you, please consider giving respect.

  • This is a nice straightforward challenge. I probably made around 1.5 million queries before I stopped and verified my code and found a silly mistake ( I base64 decoded an initial hex encoded data ¯_(ツ)_/¯ ) After fixing the mistake it took about 19000 queries to find the flag.

    I am curious how the challenge was constructed. The paper suggests that it should take around 1 million queries, but this challenge requires 19000 only. It is highly unlikely to be a random occurence. Is there a way to construct this kind of challenge with any given complexity, or was it a trial and error approach?


  • Took almost 3 hours on my slow machine :( Had to code in a way to reconnect to new HTB docker since the instances kept dying on me

  • Hi all , cannot even start this challenge, outlook element won't open, could anyone mp an hint plz ? ty

  • Hi, I'm also stuck on this challenge for a while now, tried some basic analysis on the ciphertext but got nowhere. If anyone that did can pm an hint... I can share all what I have tried. thanks

  • I liked this challenge, much more creative than the guessing games that many of the other challenges become. The first part is non-trivial, look at classical cryptanalysis and try to adapt one of the methods. I actually found part 2 easier since I'd recently been studying the attack.

    If you do a bit of research on the IP they use, you can take out a VPS very physically close to their server - perhaps in the same datacentre ;), which speeds up the attack a lot. I'd also reccomend Sagemath since it makes the mathsy bits a bit easier than raw Python.

  • edited May 2020

    got it special thanks @electrifeye and @0xlimE, fill free to PM me


    Valiant, nothing is impossible.
    Lock by lock and one after the other is the key. You cannot open door number 9 until you have unlocked number 8.

  • I was hoping to use this challenge as a learning exercise but all I've learnt so far is I know f*ck all about crypto analysis. I've tried a few python scripts to XOR and shift the bytes in the file but I'm getting nothing useful back and it feels like I'm wildly guessing without any strategy.

    Can anyone suggest some good resources that would be helpful on this and the other crypto challenges.

    Any hints on this one would be welcome.

  • this was surprisingly easy! after the first step it tells you what to do, from there i just got a script off the web, adjusted it a bit and waited :3


  • anyone in 2020 :smiley:

  • edited August 2020

    Oh man, part 2 is taking so long on my old quad 5i laptop 1.7ghz. Can any solvers tell me how many hours did it take them on various speed machines? After about 7 hours my test s is around 10^140, at 3500 queries, it's going to take days to get there...

    Update: after 36 hrs I have 5900 queries, s is 10^259, and using ice packs on my laptop but I can read half the flag so far :)

  • Update: 60 hours later, 6773 queries, got the flag! I'm Puzzled as to why my routine used so few queries compared to other reports though.

    Feel free to PM for help.

  • edited November 2020

    Fun challenge! First part was most challenging for me, but @electrifeye's hint about classic cryptanalysis is great!
    Second step was easy as @0x41 mentioned and making the 19077 requests took me only 15 minutes, don't know why it is so fast for me...

    If anyone does need a small nudge, feel free to send me a pm :)


  • looooool im getting spoilled here hahha i think i need to switch to my i7 laptop

Sign In to comment.