This challenge starts out by providing you with a .zip file:
Zip Password: hackthebox
sha256:7dd20fb1f8b0094486b7ed571bc32bfa8a33cb5b18237585ecbb78e362821e0b
Upon opening the .zip file with the password, we discover a lovely forest scene:
However…something is undoubtedly lurking beneath the surface…
The first thing I did was open up my command line and use Steghide on the image. The -sf part just instructs it to extract from a certain file.
steghide extract -sf <filepath>
Hmm, looks like we need a password to move forward.
After that roadblock, I decided to use exiftool on the image to see if I could get any useful info from that.
exiftool <filepath>
Nothing to see here.
The next thing I did was open it up in a photo viewer and start zooming in on things and applying random filters. I saw some people riding around on bikes, but then near the top left corner I saw something that looked a bit interesting:
It’s hard to see here and very faint, but this looks like it might be text. None of the other trees have black stripes like this (skinny tree in the center, in the shadows).
None of the filters I had seemed to be working that great (I was just using the basic Windows photo viewer), so I switched to an online tool called StegOnline. Just drag and drop your file and you’ll be able to apply some different filters. When I tried the “LSB Half” option, I got this:
I saved the image so I could flip it and zoom in. Then I adjusted to make it much lighter:
After the fact, I also found this online tool HERE, which produced a clear image.
Whatever tool you use to manipulate the image, we arrive to the same conclusion:
IsJuS1Af0r3sTbR0
This must be our password. Let’s go back to Steghide and try it.
steghide extract -sf <filepath>
Steghide wrote some data to a file called “nothinghere.txt”. Let’s open it:
cat nothinghere.txt
This is definitely some type of ciphertext. There is a wide array of tools available online for decoding things like this. Today I used CyberChef and had some luck with ROT13:
A closer look:
Nice job! This was the first Hack the Box challenge I completed. I am going to work through all the standalone challenges and then start working on the actual boxes.
Happy Hacking! ❤
