Beatles is a beginner-level challenge on Hack The Box. It's based on steganography.
DOWNLOAD THE FILES
Let's download the file and unzip it with the password hackthebox.
It gives us two files, namely:
We will check the file m3ss@g#_f0r_pAuL
COMMAND: cat m3ss@g#_f0r_pAuL
We found an encrypted message here. To decrypt it, you need to know which encryption was used, and to recognize it you need to be familiar with common encryption schemes.
Most of the time you will succeed 🙂 by googling stuff :)
After referring to encryption techniques, I was able to determine that the encryption used was ROT3. You can check this site.
Well, he wants us to use fcrackzip to crack the zip file with a four-character wordlist, which we can easily create with crunch.
Crunch is a built-in tool in Kali Linux which generates wordlists.
COMMAND: crunch 4 4 abcdefghijklmnopqrstuvwxyz -o pass.lst
Crunch generated the wordlist for us. Let's use the wordlist to crack the zip file with the fcrackzip tool.
COMMAND: fcrackzip BAND.zip -u -D -p pass.lst
BOOM!! We found the password for the zip file :)
Let’s open it.
This will extract a file called BAND.JPG. Let's use commands like strings, file and binwalk.
After using the strings tool, we found a base64 value.
Let's try to decode it using base64. As it was encoded two times, we need to decode it two times :)
COMMAND: echo "VkhKNUlFaGhjbVJsY2lFPQ==" | base64 -d | base64 -d
It came back with the message TRY HARDER!
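As an added example (not part of the original writeup), this Python sketch combines the strings step and the repeated base64 -d step: it scans raw bytes for base64-looking runs and peels layers until the output is no longer valid, printable base64. The function names and the sample bytes are constructed for illustration; only the encoded value comes from the writeup.

```python
import base64
import binascii
import re

# Runs of 16+ base64-alphabet bytes with optional padding, as `strings` would surface.
B64_RUN = re.compile(rb"[A-Za-z0-9+/]{16,}={0,2}")
B64_FULL = re.compile(rb"[A-Za-z0-9+/]+={0,2}")


def is_printable(data: bytes) -> bool:
    """True if data is non-empty ASCII text (printable characters plus tab/newline)."""
    return bool(data) and all(32 <= b < 127 or b in (9, 10, 13) for b in data)


def peel_base64(blob: bytes, max_layers: int = 8):
    """Decode nested base64; return (layers_removed, innermost_bytes)."""
    layers, current = 0, blob.strip()
    while layers < max_layers:
        # Valid base64 has a length divisible by 4 and only alphabet characters.
        if len(current) % 4 or not B64_FULL.fullmatch(current):
            break
        try:
            decoded = base64.b64decode(current, validate=True)
        except (binascii.Error, ValueError):
            break
        # Random alphanumeric runs also decode; keep only readable output.
        if not is_printable(decoded):
            break
        current, layers = decoded.strip(), layers + 1
    return layers, current


def find_encoded_strings(data: bytes):
    """Return (offset, layers, text) for every base64 run that decodes to text."""
    hits = []
    for match in B64_RUN.finditer(data):
        layers, text = peel_base64(match.group())
        if layers:
            hits.append((match.start(), layers, text.decode("ascii")))
    return hits


# Constructed sample: filler bytes standing in for image data around the
# base64 value shown in the writeup.
SAMPLE = (b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x01\x02\x03" * 4
          + b"VkhKNUlFaGhjbVJsY2lFPQ==" + b"\x00\xff\xd9")

if __name__ == "__main__":
    for offset, layers, text in find_encoded_strings(SAMPLE):
        print(f"offset {offset}: {layers} layer(s) -> {text}")
```

The printable-output check is what keeps arbitrary alphanumeric runs in binary data from being reported as encoded strings.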
Let's use the binwalk tool.
As expected, there is no interesting part of it.
Let's use the steghide command to check it :)
COMMAND:steghide extract -sf BAND.JPG
It's a password-protected file. After opening the image BAND.JPG, we can see that there is a name which we could use as a password to extract the file hidden in the image 🙂
COMMAND: steghide extract -sf BAND.JPG -p THEBEATLES
After extracting from the image, there is a file named testabeatle.out.
We use the file command to know the type of the file.
COMMAND: file testabeatle.out
It's an executable file.
We will try to execute it
COMMAND: chmod +x testabeatle.out
As it's a challenge, we will use the strings command to get the flag 🙂
We found some interesting data inside the file. I used the base64 command to decode the value and got the flag :)
If you like my writeup, give me respect on my HTB profile: Exp1o1t9r