Post

Hack The Box Write-Up Challenge SpookyPass

Posted
By T13nn3s
1 min read
Hack The Box Write-Up Challenge SpookyPass

About SpookyPass

In this post, I’m writing a write-up for the machine SpookyPass from Hack The Box. Hack The Box is an online platform to train your ethical hacking skills and penetration testing skills.

Challenge Scenario

All the coolest ghosts in town are going to a Haunted Houseparty - can you prove you deserve to get in?

Solution

After downloading and extracting the ZIP file, we have the binary with the name pass. On execution the binaray shows this:

1
2
3
4

┌──(kali㉿kali)-[~/…/htb/challenges/spookypass/rev_spookypass]
└─$ ./pass           
Welcome to the SPOOKIEST party of the year.
Before we let you in, you'll need to give us the password:

The command file on this binary has the following output:

1
2
3

┌──(kali㉿kali)-[~/…/htb/challenges/spookypass/rev_spookypass]
└─$ file pass                                                                          
pass: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=3008217772cc2426c643d69b80a96c715490dd91, for GNU/Linux 4.4.0, not stripped

Let’s start with strings to analyze this binary.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

┌──(kali㉿kali)-[~/…/htb/challenges/spookypass/rev_spookypass]
└─$ strings pass                               
/lib64/ld-linux-x86-64.so.2
fgets
stdin
puts
__stack_chk_fail
__libc_start_main
__cxa_finalize
strchr
printf
strcmp
libc.so.6
GLIBC_2.4
GLIBC_2.2.5
GLIBC_2.34
_ITM_deregisterTMCloneTable
__gmon_start__
_ITM_registerTMCloneTable
PTE1
u3UH
Welcome to the 
[1;3mSPOOKIEST
[0m party of the year.
Before we let you in, you'll need to give us the password: 
s3cr3t_p455_f0r_gh05t5_4nd_gh0ul5
Welcome inside!
You're not a real ghost; clear off!

We can clearly see the password in the output: s3cr3t_p455_f0r_gh05t5_4nd_gh0ul5.

1
2
3
4
5
6

┌──(kali㉿kali)-[~/…/htb/challenges/spookypass/rev_spookypass]
└─$ ./pass 
Welcome to the SPOOKIEST party of the year.
Before we let you in, you'll need to give us the password: s3cr3t_p455_f0r_gh05t5_4nd_gh0ul5
Welcome inside!
HTB{un0bfu5c4t3d_5tr1ng5}

Entering this password reveals the flag: HTB{un0bfu5c4t3d_5tr1ng5}.

Hack The Box, Challenge, Reversing
hackthebox challenge reversing
This post is licensed under CC BY 4.0 by the author.