How I Hack This (HackTheBox -C1 Part 1)

Hack The Box Challenge
1

Hello, guys, this is khan Janny. as you guys know this HACKTHEBOX - C1 challenge was arranged by ENCRYPTBD .Thanks to ENCRYPTBD for this event. in this CTF challenge. there was 5 different challenges. i am going to show you how I solve this problems. Advance sorry for my bed English…Let’s Start :slight_smile:

Challenge 1:

Screenshot_5
Screenshot_5701×126 5.32 KB

as you can see 1st challenge description and hints. it is really important to understand the description. as you guys see there was two hints “OSINT” and “Text Storage Site”. on this challenge, I don’t know why I do not even notice the second hint. So I have done a mistake .later on I have found the solution just getting the idea from this hint .text storage site means that a site where we can storage text file .there is a most popular site called [pastebin.com](https://pastebin.com/). when i search about Richard Tolar i have found some interesting result of that organization and also about the data breach. and that was the result of the 1st challenge but because of my carelessness, i got this solution after time up. :confused:

The result was like this :

site: cia.gov

poc
poc1365×566 55.7 KB

Challenge 2:

Screenshot_6
Screenshot_6709×113 4.2 KB

challenge 2 was a Stenography problem. in this challenge, you will find a file from here you have to download this file. this is a rar file the name f this file is thumb.rar.now you have to extract the file you can use $unrar e thumb.rar

Screenshot%20from%202018-10-11%2016-22-20
Screenshot%20from%202018-10-11%2016-22-20736×277 23.4 KB

after extracting you there will be a file called thumb.jpg if I open this jpg file with any image viewer it will seem as like a normal image. although we know there is something hidden inside this file image file, first of all, I have checked the strings if there is any text implemented inside this image i can easily find this out. i have used $strings thumb.jpg command and i have found my first message https://i.imgur.com/777fNcK.gif and then I have visited this URL and I got my second message i'm really proud of you too.
Screenshot%20from%202018-10-11%2016-36-21

Result :
first message: https://i.imgur.com/777fNcK.gif
second message: i'm really proud of you

Tips :

  1. Always try to focus on the hints
  2. Check the file type and check strings

Thanks for reading .soon I will post all other solutions too. keep learning :slight_smile:

Thanks
Khan Janny

2 Likes
2

Wow!
Great share… :sunglasses:
Thank you man.

2 Likes