Swapnil Pathak

Swapnil Pathak

Graduate student @Northeastern university, pursuing Master of Science in Cybersecurity

I'm a cybersecurity enthusiast and a student with broad interests in computer systems, IoT and software security.

Walkthrough - 0ld is g0ld

Tags: ,

Categories: ,

Updated:

This particular challenge is a good starter to your journey as a challenge solver! Take a moment to appreciate the beauty of “old” algorithms, without them we would not be able to build cyber security so much. This challenge will earn you 10 points which is not a lot but you got to start somewhere.

banner

Spies everywhere!

Before following this walkthrough, I highly recommend trying to get the flag yourself! Just like you will hear from everyone else, try harder! (if you cannot find it)

Follow this link and download the file under 0ld is g0ld section as shown below. You will have to login in order to do that.

htb@noone:~/misc/old_is_gold$ unzip 0ld_is_g0ld.zip
Archive:  0ld_is_g0ld.zip
  [0ld_is_g0ld.zip] 0ld is g0ld.pdf password: hackthebox
inflating: 0ld is g0ld.pdf
htb@noone:~/misc/old_is_gold$ ls
'0ld is g0ld.pdf'  0ld_is_g0ld.zip

Well, so we have a pdf file. Let’s try to open it.

Turns out its password protected. We will have to see if we can crack its password to see what’s in there. I am going to use pdfcrack to do that.

You might want to lookup the options to use it if you haven’t already. Use pdfcrack -h to see the options and select what suits your need the best.

I am going to do a dictionary attack, for that I am going to use rockyou.txt file. You can try with other wordlists just for trying.

htb@noone:~/misc/old_is_gold$ pdfcrack -w /usr/share/wordlists/rockyou.txt -f "0ld is g0ld.pdf"
PDF version 1.6
Security Handler: Standard
V: 2
R: 3
P: -1060
Length: 128
Encrypted Metadata: True
FileID: 5c8f37d2a45eb64e9dbbf71ca3e86861
U: 9cba5cfb1c536f1384bba7458aae3f8100000000000000000000000000000000
O: 702cc7ced92b595274b7918dcb6dc74bedef6ef851b4b4b5b8c88732ba4dac0c
Average Speed: 48468.9 w/s. Current Word: 'dichan'
```snip```
found user-password: 'jumanji69'

We will use this password to open the pdf.

pdf

Woah! Take a bow Samuel Morse (I didn’t know it was him. A little search helped me). But we are here for the flag. What does this picture mean? If we scroll down and zoom in, we see something.

morse

Look at that! We have a morse code to crack. I will use an online translator to do this (Maybe I will create a simple tool).

morse

Voila! We have the FLAG and we can use this to gain out points on HackTheBox. Don’t forget to enclose the flag in HTB{} because that’s the format.

Happy Hacking! Cheers!

You may also enjoy

Walkthrough - Irked

This was a decent box. An IRC exploit gets you a shell with the IRC user but not the local user. There are two methods to get a privilege escalation. One is ...

Walkthrough - Curling

For all the beginners and the people who wish to nail all the machines on HackTheBox, this machine is a great starter. It has a flavor of shell upload to web...

Walkthrough - Frolic

This was a good practice of decoding stuff, web exploitation and rop exploitation. Overall a decent box and easy points. Getting user was tiring but root was...