This is a straightforward read of a dropper script. It looks like a lot of dropper scripts that you can capture on honeypots and such these days too. In this script, you just need to read the bash commands and solve the base64 decoding puzzle.
In this case, there are four parts to decode and concatenate to create the flag.
I grepped the file looking for "==", which indicates a base64 encoded string. This reveals a few additional lines of bash for comparisons, but the challenge is easy enough that you can manually decode each of the strings using echo -n.
The base64 "nuggets" are found in the crontab reinstaller, a line where the decoded fragment is dropped into the bashrc for the current user, and a file checker function.
The flag is HTB{m1n1ng_th31r_t0_m4rs_th3_r3d_pl4n3t}.
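The same static approach as a small script, added here as an example and not taken from the challenge or the original write-up. It generalises the "==" grep to base64 tokens with one or no padding characters, and it only reads the file as text. The sample script, its fragment values and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: recover base64 fragments from a script by static inspection.
# The script under analysis is only read as text, never executed.

# Constructed sample standing in for the challenge file (harmless strings).
make_sample() {
  cat <<'EOF'
#!/bin/bash
(crontab -l; echo "*/5 * * * * /tmp/.x # $(echo 'cGFydF9vbmVf' | base64 -d)") | crontab -
echo "export TAG=$(echo 'dHdvXw==' | base64 -d)" >> ~/.bashrc
check_file() { [ "$(echo -n "$1" | base64)" = "dGhyZWU=" ] && return 0; }
EOF
}

# Print each decoded fragment, one per line, in file order.
decode_fragments() {
  # Candidate tokens: runs of the base64 alphabet with zero, one or two '='
  # pads, so fragments that do not end in "==" are found too.
  grep -oE '[A-Za-z0-9+/]{4,}={0,2}' "$1" | while IFS= read -r tok; do
    # Valid base64 is a multiple of 4 chars; this drops short words and paths.
    [ "${#tok}" -ge 8 ] && [ $(( ${#tok} % 4 )) -eq 0 ] || continue
    dec=$(printf '%s' "$tok" | base64 -d 2>/dev/null) || continue
    # Drop results containing any empty or non-printable line
    # (ordinary 8-letter words usually decode to binary noise).
    printf '%s\n' "$dec" | LC_ALL=C grep -qvE '^[[:print:]]+$' && continue
    printf '%s\n' "$dec"
  done
}

# Concatenate the fragments into a single string.
join_fragments() {
  decode_fragments "$1" | tr -d '\n'
}

# Demo on the constructed sample.
sample=$(mktemp)
make_sample > "$sample"
decode_fragments "$sample"
join_fragments "$sample"; echo
rm -f "$sample"
```

The fragments come out in file order, which is not necessarily the order they belong in, so read the surrounding bash to decide how to concatenate them.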
Published: 21st February 2024
Last updated: 21st February 2024