HackTheBox Sekure Decrypt Challenge

2025-01-23[Updated: 2025-01-23]

https://app.hackthebox.com/challenges/213

Description

Timmy created a secure decryption program

Exploitation

binwalk -eM core

#!/usr/bin/env python3
from Crypto.Cipher import AES

def decrypt_flag():
    key = b'VXISlqY>Ve6D<{#F'
    iv = b'AAAAAAAAAAAAAAAA'
    ciphertext = bytes.fromhex('322608dbef900b1ebcd3a058719148830000000000000000')[:16] 
    cipher = AES.new(key, AES.MODE_CBC, iv)
    plaintext = cipher.decrypt(ciphertext)
    print(f"Key: {key.decode()}")
    print(f"IV: {iv.decode()}")
    print(f"Flag: {plaintext.decode()}")

if __name__ == "__main__":
    decrypt_flag()

Summary

Sekure Decrypt: reverse the validation logic, model the transform, and recover the accepted input.