Hack the Box: Retro
Challenge Lab: Stego
“Do you remember the eighties? Maybe you can travel to the past to find the flag.”
Zip Password: hackthebox
First thing to do is unzip the file with the password provided:
So this is a photo from an old film called “Revenge of the Nerds”. I have never watched it, but I do remember seeing it at Blockbuster back in the day.
First thing I did was try file, exiftool, and binwalk to see what preliminary info I could gain.
I found that it was an actual .jpg image, and not just disguised as one:
Nothing really that interesting to see with exiftool:
But binwalk shows a .txt file and a .wav file hidden within the photo:
I used binwalk again to extract those two files.
They were placed in a folder on my Desktop:
This is what the text document said:
Hmm, so no modern software or tools I’m assuming? I still opened it up in Audacity just to check though, which did not give me any hints:
The audio recording is just one long beep followed by a shorter beep.
According to the Wikipedia page HERE, the .wav format was released in 1991, so I may need to convert it to something else.
After various forms of Google-Fu related to the 80’s context…I eventually found THIS question on a forum talking about how Atari made beeping sounds when you loaded a tape.
Then I looked for the actual sound to compare, and found THIS YouTube video, as well as THIS one, which seemed to match the annoying sounds. As the guy in the first video comments…who thought that would be a good idea?!
At this point I’m thinking, do I need to convert this and get some sort of emulator? Is it an Atari cassette file disguised as a .wav file? Or just the recording of the cassette noises? In that first forum link, there is mention of converting .cas to .wav files, so can I convert them back?
Eventually, after hours of frustration, I figured out that the tool I actually needed within the Turgen software (Turbo Decoder) had become its own “independent project” in 2020. So I needed to use it individually.
I cloned it from the repository:
Then I ran it like this:
After creating a directory for the output files and attaching my .wav file, I clicked “Attach Decoder”. Then I slid the navigation bar about half-way through, set the decoder to “Universal Turbo”, checked “Decode raw blocks”, checked “Save header to extra file” on the Other Settings tab, and finally, clicked “Decode until EOF”.
Don’t ask me how I figured all that out. I basically spent like two hours pressing different buttons because I was too stubborn to give up after all the time I had already dedicated to this.
You will see that there were two files output. You can run “strings” on them to find your flag.
I was not a fan of this one. It was entirely too guessy and used some very obscure tools that have little documentation, which is why I rated it hard. I definitely learned something, but I’m not sure how much value that holds because of the obscurity.
Anyways, I’m off to eat some dinner and watch the election drama.
Happy Hacking! ❤