Challenge-Stego-Beatles
Challenge-Stego-Beatles

Beatles is a beginner level challenge in hackthebox.it’s based on steganography.

DOWNLOAD THE FILES

Let’s download the file and unzip it with a password hackthebox.

it gives us two files namely :

Files

we will check the file m3ss@g#_f0r_pAuL

COMMAND: cat m3ss@g#_f0r_pAuL

We found some encrypted message here. To know how to decrypt the message you need to know what is the encryption used and to know the encryption. you need to be familiar with the encryption.

Most of the times you will get succeeded 🙂 by googling stuff:)

After referring to encryption techniques, I able to know that the encryption was used ROT3. You can check this site.

Well, he wants us to use fcrackzip to crack the zip file with a four-character wordlist, which we can easily create with the crunch.

Crunch is a built-in tool in kali Linux which generates wordlists.

COMMAND:crunch 4 4 abcdefghijklmnopqrstuvwxyz -o pass.lst

Crunch

crunch generated the wordlist for us. let’s use the wordlist to crack the zip file with fcrackzip tool.

COMMAND:fcrackzip BAND.zip -u -D -p pass.lst

BOOM!! we found the password for the zip file.:)

Let’s open it.

This will extract a file called BAND.JPG. let’s use commands like strings and file and binwalk.

base64

After using the strings tool, we found a base64 value.

Let’s try to decode it by using base64. As it was encoded two times. we need to use decode it two times:)

COMMAND:echo “VkhKNUlFaGhjbVJsY2lFPQ==” > | base64 -d | base64 -d

It came with a message TRY HARDER!

let’s use binwalk tool.

COMMAND:binwalk BAND.JPG

As expected, there is no interesting part of it.

Let’s use steghide command to check-in it:)

COMMAND:steghide extract -sf BAND.JPG

It’s a password-protected file. After opening the image BAND.JPG we can able to know that there is a name which we could use as a password to extract the file behind the image🙂

COMMAND: steghide extract -sf BAND.JPG -p THEBEATLES

After extracting the image there is a file named testabeatle.out.

We use the file command to know the type of the file.

COMMAND: file testabeatle.out

it’s an executable file.

We will try to execute it

COMMAND: chmod +x testabeatle.out

COMMAND: /testabeatle.out

As it’s a challenge. we will use command strings to get the flag🙂

We found some interesting data inside the file. I used base64 command to decode the value and got the flag:)

If you like my writeup, Give me Respect on my HTB profile: Exp1o1t9r

4 COMMENTS

    • You can make a simple WordPress site and start posting your articles.
      You can find many courses on making a fashion blog by a simple google search.
      If you are facing any issues, just ping me through LinkedIn @exp1o1t9r

    • Thank you so much …more content will be updated from now onwards and more changes will be made for better user experience!!

LEAVE A REPLY

Please enter your comment!
Please enter your name here