Hack The Box – Reversing: Debug Me Hints

Hello, Here are some hints for solving the Debug Me challenge on HackThebox: Use a good debugger like x64dbg Use an anti-anti-debugging plugin like Scylla Hide. (read the instructions on how to install it) Step through the challenge and see where it takes you. Thanks!

December 22, 2019 Ā· 1 min Ā· Denis Nuțiu

Hack The Box – Bitlab

Hello, Hereā€™s how Iā€™ve solved the Bitlab machine on Hack The Box. Gitlab Access As usual we start of with a nmap scan: 1 2 3 4 5 6 7 8 9 10 11 12 root@kali:~# nmap -p- -sV 10.10.10.114 Nmap scan report for 10.10.10.114 Host is up (0.044s latency). Not shown: 65533 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) 80/tcp open http nginx Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 221.44 seconds The scan shows an nginx web server and ssh. If we visit the web server weā€™ll find a Gitlab instance. Gitlab is used by developers to host their source code. I tried searching for exploits but nothing came up. ...

December 16, 2019 Ā· 4 min Ā· Denis Nuțiu

Hack The Box – Travexec Write-up

Hello, Hereā€™s my write-up for the Traverxec machine. Initial Shell: google User Hint: Read the configuration carefully and ls dem directories, and donā€™t forget, youā€™re the web server! Root Hint: In linux you can configure commands to be executed without requiring a password. The password for the PDF is the root flag. Link: BananaPr1nc3-Traverxec.pdf

December 13, 2019 Ā· 1 min Ā· Denis Nuțiu

HackTheBox Reversing DSYM Write-Up

Hello, Hereā€™s my write-up for the Reversing DSYM challenge from HackTheBox. PDF: The password for the Write-Up is the challengeā€™s flag. To solve it Iā€™ve used: Write a comment if you need a hint or something is not clear. Thanks for reading!

December 9, 2019 Ā· 1 min Ā· Denis Nuțiu

HackTheBox Reversing: Find The Secret Flag

Hello, This challenge is not that hard but itā€™s quite confusing. To solve this challenge very quickly all you have to do is patch it in 2 places and then run it with different arguments until the flags getā€™s spiten out. Hereā€™s a sample script that runs the binary 100 times with arguments from 1 to 100 [code language=ā€bashā€] printf ā€˜start\nā€™ for i in {1..100} do printf ā€œ$i ā€ ./program ā€œ$iā€ | xxd -r -p printf ā€˜\nā€™ done printf ā€˜\nend\nā€™ [/code] ...

September 22, 2018 Ā· 2 min Ā· Denis Nuțiu

HackTheBox Reversing: Cake Challenge

Hello, If you open this binary in Binary Ninja or any other disassembler, youā€™ll see a that the flow is quite weird. After looking at the strings tab I found UPX listed in there, this explains the weird graph. UPX is an open-source packer. A packer is just a piece of software that compresses the binary, when the binary is run it will unpack itself. Packing an exe could reduce itā€™s size by 30% or so.. since UPX is free you could also use it to unpack binaries. Unpacking is left as a exercise to the reader (Iā€™m lazy) ...

September 15, 2018 Ā· 2 min Ā· Denis Nuțiu

HackTheBox: Reversing: The Art Of Reversing

The Art of Reversing challenge was a fun and quick challenge! I did get the flag but I did not write a keygen for it, I didnā€™t even need to look under the hood in order to get the flag. The scheme is very simple actually. The days are represented by roman numbers. The letters are not the original and the number is read from right to left. Fuzzing with the input you can deduce the following values: ...

September 8, 2018 Ā· 1 min Ā· Denis Nuțiu

HackTheBox Reversing: Impossible Password

Hello, this is a write-up regarding the HackTheBox reversing challenge: Impossible Password. Please donā€™t look at the solution if you havenā€™t attempted the challenge yet, it will ruin all the fun. Try to solve the challenge by yourself first, just put some hours into it, it isnā€™t that hard. Iā€™m also a newbie at RE. Here are some hints to get you started: The function call convention of this program seems to be: System V AMD64 ABI. Debug the program in a debugger like: edb-debugger. Okay, so, letā€™s solve this. ...

July 14, 2018 Ā· 3 min Ā· Denis Nuțiu