Hack The Box – Reversing: Debug Me Hints

Hello, Here are some hints for solving the Debug Me challenge on HackThebox: Use a good debugger like x64dbg Use an anti-anti-debugging plugin like Scylla Hide. (read the instructions on how to install it) Step through the challenge and see where it takes you. Thanks!

December 22, 2019 Ā· 1 min Ā· Denis Nuțiu

Hack The Box – Bitlab

Hello, Hereā€™s how Iā€™ve solved the Bitlab machine on Hack The Box. Gitlab Access As usual we start of with a nmap scan: 1 2 3 4 5 6 7 8 9 10 11 12 root@kali:~# nmap -p- -sV 10.10.10.114 Nmap scan report for 10.10.10.114 Host is up (0.044s latency). Not shown: 65533 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) 80/tcp open http nginx Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 221.44 seconds The scan shows an nginx web server and ssh. If we visit the web server weā€™ll find a Gitlab instance. Gitlab is used by developers to host their source code. I tried searching for exploits but nothing came up. ...

December 16, 2019 Ā· 4 min Ā· Denis Nuțiu

Hack The Box – Travexec Write-up

Hello, Hereā€™s my write-up for the Traverxec machine. Initial Shell: google User Hint: Read the configuration carefully and ls dem directories, and donā€™t forget, youā€™re the web server! Root Hint: In linux you can configure commands to be executed without requiring a password. The password for the PDF is the root flag. Link: BananaPr1nc3-Traverxec.pdf

December 13, 2019 Ā· 1 min Ā· Denis Nuțiu

HackTheBox Reversing DSYM Write-Up

Hello, Hereā€™s my write-up for the Reversing DSYM challenge from HackTheBox. PDF: The password for the Write-Up is the challengeā€™s flag. To solve it Iā€™ve used: Write a comment if you need a hint or something is not clear. Thanks for reading!

December 9, 2019 Ā· 1 min Ā· Denis Nuțiu

HackTheBox Reversing: Find The Secret Flag

Hello, This challenge is not that hard but itā€™s quite confusing. To solve this challenge very quickly all you have to do is patch it in 2 places and then run it with different arguments until the flags getā€™s spiten out. Hereā€™s a sample script that runs the binary 100 times with arguments from 1 to 100 [code language=ā€bashā€] printf ā€˜start\nā€™ for i in {1..100} do printf ā€œ$i ā€ ./program ā€œ$iā€ | xxd -r -p printf ā€˜\nā€™ done printf ā€˜\nend\nā€™ [/code] ...

September 22, 2018 Ā· 2 min Ā· Denis Nuțiu

HackTheBox Reversing: Cake Challenge

Hello, If you open this binary in Binary Ninja or any other disassembler, youā€™ll see a that the flow is quite weird. After looking at the strings tab I found UPX listed in there, this explains the weird graph. UPX is an open-source packer. A packer is just a piece of software that compresses the binary, when the binary is run it will unpack itself. Packing an exe could reduce itā€™s size by 30% or so.. since UPX is free you could also use it to unpack binaries. Unpacking is left as a exercise to the reader (Iā€™m lazy) ...

September 15, 2018 Ā· 2 min Ā· Denis Nuțiu

HackTheBox Reversing: Impossible Password

Hello, this is a write-up regarding the HackTheBox reversing challenge: Impossible Password. Please donā€™t look at the solution if you havenā€™t attempted the challenge yet, it will ruin all the fun. Try to solve the challenge by yourself first, just put some hours into it, it isnā€™t that hard. Iā€™m also a newbie at RE. Here are some hints to get you started: The function call convention of this program seems to be: System V AMD64 ABI. Debug the program in a debugger like: edb-debugger. Okay, so, letā€™s solve this. ...

July 14, 2018 Ā· 3 min Ā· Denis Nuțiu