CryptoHorrific [Mobile] [Writeup]

Philippe Delteil
Write-ups HackTheBox
1 min readJan 13, 2023

--

Step by step writeup

Stats of the challenge.

Link to the challenge.

Get the parameters to decrypt the text:

Use IDA to get the assembler code and F5 to generate pseudo code.
In the challenge.plist file we find the following:

bplist00��TflagRidUtitle_XTq+CWzQS0wYzs2rJ+GNrPLP6qekDbwze6fIeRRwBK2WXHOhba7WR2OGNUFKoAvyW7njTCMlQzlwIRdJvaP2iYQ==S123_HackTheBoxIsCool

After some trial and error, we infer that the base64 text must be the encrypted text.

XTq+CWzQS0wYzs2rJ+GNrPLP6qekDbwze6fIeRRwBK2WXHOhba7WR2OGNUFKoAvyW7njTCMlQzlwIRdJvaP2iYQ==

Within the hackthebox file we find the following values ​​in the source code:

Key = !A%DG-KaPdSgVkY
IV = QfTjWnZq4t7w!z%C

To decrypt the text there are basically 3 resolution methods, but we will cover two. The third is by using openssl from the command line. In this particular case we do not need the initiation vector (IV).

Using Python

import hashlib
import base64, re
from Crypto.Cipher import AES
k = "!A%D*G-KaPdSgVkY"
code_b64 = "Tq+CWzQS0wYzs2rJ+GNrPLP6qekDbwze6fIeRRwBK2WXHOhba7WR2OGNUFKoAvyW7njTCMlQzlwIRdJvaP2iYQ=="
print(base64.b64decode(code_b64))
cipher=AES.new(k…

--

--

No responses yet