🛑
This box is still active on HackTheBox. Once retired, this article will be published for public access as per HackTheBox's policy on publishing content from their platform.
Clicking the Subscribe button below WILL NOT get you access to this article (although I would be grateful for your subscription otherwise).
Clicking the Subscribe button below WILL NOT get you access to this article (although I would be grateful for your subscription otherwise).
Initial Foothold Hint:
- The server is said to be running a sandbox, can you find the virtual host?
- Read up on the malware they are analyzing and which payload you might need to use to get command execution
Privilege Escalation Hint:
- Have you found the internal note on the system?
- What service is the team replacing? And, where are they storing the information?
- Did you find any other interesting files? How are your binary analysis skills?
- Using the information found from the binary analysis, how could you write a program in the same programming language to reverse the ciphertext? Hint: The encryption key is derived from the seed and this is URL-safe base64 text