Tue. Oct 20th, 2020

Pentesting Fun Stuff

following the cyber security path…

c4ptur3-th3-fl4g

This is a challenge from TryHackMe and the first task is:

Task 1 ~ Translation & Shifting

Translate, shift and decode the following:

Answers are all case sensitive.

#1

Leetspeak, so substituting the numbers back to letters will be enough.

#2

Binary. To convert binary to text, you convert each binary group to decimal and then look up the decimal value in an ASCII table. How does this work?
Let’s take the first string: 01101100. To convert this binary string to decimal, you add up the place values of the bits that are set to 1:

0 1 1 0 1 1 0 0
128 64 32 16 8 4 2 1

In this case: 64 + 32 + 8 + 4 = 108

In the ASCII table, 108 is the lowercase character l. You can do this for the entire string (LoL) or let a program like CyberChef do all the hard work.

#3

Looks like base32. For this you can use a program in Kali.

#4

Looks similar to number 3, but this is base64. Again, in Kali you can use a program.

#5

This is a hex string. Hex is base16 and you can do this by hand like all the others. As with the binary string, you can convert a hex value into a decimal value and look up the ASCII character that corresponds with it.

#6

This looks like a rotation cypher. By rotating each letter a fixed number of positions along the alphabet, you can encrypt your plain text. For example, the word cat encrypted with ROT3 becomes fdw. In this case it’s ROT13.

#7

This one is a bit more obfuscated, but it’s still a rotation cypher. In this case it’s ROT47. ROT47 comes from the ROT13 algorithm and differs only by additional numbers and characters that it uses in its alphabet. Just like ROT13, ROT47 shifts each text symbol by 47 positions.

#8

If you’ve watched a lot of survival shows or have been in the army, this will look familiar. It’s Morse code, and every dot or dash combination is a letter from the alphabet. This code can be transmitted as text, light or even sound.

#9

This one is already a bit explained with number 5. In encoding standards like ASCII and Unicode each character can be represented by a numeric code point. Again, with the ASCII table you can look up the corresponding character.

#10

This one is a little bit more tricky, because it combines multiple encodings. I’ve mentioned it before, but a really good tool is CyberChef. You can create a decoding recipe, one decoding block after another.
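The decoding steps from #2 through #10 can also be chained in a few lines of Python, in the same way a CyberChef recipe stacks blocks. This is an added example, not part of the original write-up; the sample string is constructed for illustration (it is not one of the challenge strings), the helper names rotate, from_numbers and run_recipe are hypothetical, and numeric input is assumed to be space-separated.

```python
import base64

def rotate(text, shift, first, size):
    """Rotate characters in the range [first, first + size) by shift; leave the rest."""
    out = []
    for ch in text:
        code = ord(ch)
        if first <= code < first + size:
            code = first + (code - first + shift) % size
        out.append(chr(code))
    return "".join(out)

def rot13(text):
    # Two 26-letter alphabets (lower and upper case), each shifted by 13.
    return rotate(rotate(text, 13, ord("a"), 26), 13, ord("A"), 26)

def rot47(text):
    # Same algorithm, one 94-character alphabet: printable ASCII '!' (33) to '~' (126).
    return rotate(text, 47, 33, 94)

def from_numbers(text, base):
    """Decode space-separated code points written in base 2, 10 or 16."""
    return "".join(chr(int(tok, base)) for tok in text.split())

# Each step takes a string and returns a string, so steps can be stacked in any order.
STEPS = {
    "binary": lambda s: from_numbers(s, 2),
    "decimal": lambda s: from_numbers(s, 10),
    "hex": lambda s: from_numbers(s, 16),
    "base32": lambda s: base64.b32decode(s).decode("ascii"),
    "base64": lambda s: base64.b64decode(s).decode("ascii"),
    "rot13": rot13,
    "rot47": rot47,
}

def run_recipe(data, recipe):
    """Apply the named decoding steps in order, one block after another."""
    for name in recipe:
        data = STEPS[name](data)
    return data

# Constructed sample: "Hi!" encoded with ROT13, then base64, then binary.
SAMPLE = "01010110 01011000 01011001 01101000"

if __name__ == "__main__":
    print(run_recipe(SAMPLE, ["binary", "base64", "rot13"]))
```

Because 13 is half of 26 and 47 is half of 94, applying rot13 or rot47 a second time returns the original text, so the same function both encodes and decodes.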

Task 2 ~ Hashes

For this I use a different approach. On GitHub there is a nifty tool called hash-buster. It will identify a hash and try to find its plaintext counterpart in different sources on the internet.

First I put all the strings in a file.

Then I run hash-buster to see what it will find.

It identified 6 hashes (so it missed 1) and it found 3 known hashes from the sources. I’m still missing 4. For this task I’m switching to online crackers, because cracking them myself is a hell of a task. There are a few online cracking sites that helped out a lot: https://md5decrypt.net and https://md5hashing.net

Task 3 ~ Spectrograms

For this part there is an audio file to download. To render the hidden message there are several tools which can help. One of them is sonic-visualiser. I’m going for Audacity this time.

Task 4 ~ Steganography

Again there is a file to download. This time an image with a hidden message. A tool which can be used is called steghide.

Task 5 ~ Security through obscurity

For this final part there is yet another file to download. The mission states that you need to ‘get in’. So best thing is to use the command strings or something like hexdump -C.

This way you get both answers.
