Chris Ruggieri (Neocount Phoenix)

Security Blog, Rants, Raves, Write-ups, and Code

Took the Byte

Name: Took the Byte
Hint: Someone took my bytes! Can you recover my password for me?
Base Points: Easy - Retired [0]
Rated Difficulty:
CharlesTruLuck
Creator: mprox

Download and unzip the file and check the hint:

 

Hint: Someone took my bytes! Can you recover my password for me?

 

Files: password

 

Cat'ting the password provides us with gibberish.

 
����������(c��������������������������ы������$���j���
���
   ��U�3��6�3�U▒�������7���������������������(c���7���������������������[~������������ы
������$���j�������������������������

┌──(kali㉿kali)-[~/Desktop/HTB/TookTheByte]
└─$ file password
password: data

 

Well that's unhelpful.... Let's try:

 

xxd password

 
00000000: afb4 fcfb ebff f7ff f7ff 2863 aab1 ffff  ..........(c....
00000010: ffff ffff ffff ffff ffff f3ff efff 8f9e  ................
00000020: 8c8c 8890 8d9b d18b 878b aaa7 f3ff 24bb  ..............$.
00000030: 90a3 6abb 90a3 0afe ebff 0cf7 8e55 c9cd  ..j..........U..
00000040: 8833 8d8c 36d1 33cb d308 551a fdff afb4  .3..6.3...U.....
00000050: f8f7 b237 01c1 ebff ffff edff ffff afb4  ...7............
00000060: fefd eafc ebff f7ff f7ff 2863 aab1 b237  ..........(c...7
00000070: 01c1 ebff ffff edff ffff f3ff f3ff ffff  ................
00000080: ffff ffff ffbf 5b7e ffff ffff 8f9e 8c8c  ......[~........
00000090: 8890 8d9b d18b 878b aaa7 f7ff 24bb 90a3  ............$...
000000a0: 6abb 90a3 afb4 faf9 ffff ffff feff feff  j...............
000000b0: b9ff ffff a1ff ffff ffff                 ..........

OK. Now we're getting somewhere. Way too f's in there though. Let's run it through CyberChef and try XOR against it. We do find the key FF works to create a ZIP file with password.txt in it. Add Unzip to the Recipe and we'll have the flag!!!

 

HTB{27AjFDkqi1wJ}

 

This was actually one of the first Forensics challenges that I did 27TH JULY 2019, but I'm just now getting around to publishing the writeup. I know..I suck LOL Enjoy the win