Hack The Box - Photon Lockdown Challenge

Published: 21st February 2024
Last updated: 21st February 2024
0

It's been a while since I played with Hack The Box, but rather than go through boxes, I took a swing at a few challenges starting with Photon Lockdown (which took about 10 minutes to solve.)

Once you get the package from HTB extracted, you'll be presented with three files simulating that of an embedded firmware installation. The key file, "rootfs", is a squashfs file which can be decompressed by running sudo unsquashfs rootfs". This dumps the 'filesystem' into a directory. From there, it really was as simple as running a grep on the config files to find the flag. In this case, I used grep -niR "HTB".

I didn't find this particularly challenging but it was the first time I encountered squashfs. Initially, I performed the usual strings, stat, etc. on the file. I did find it weird that Ghidra couldn't detect the file type. If I had spent ten seconds actually examining the files, I would've seen that my Ubuntu VM was telling me it was a SquashFS file from the get-go.