[HackTheBox] misDIRection Challenge

Cleber J Santos
2 min read · Jan 4, 2021


Read this article in Portuguese: https://cleberjsantos.medium.com/hackthebox-desafio-misdirection-9a9f70223ded

This challenge only requires attention. misDIRection is a miscellaneous challenge on HackTheBox. After downloading and unzipping the file, you get a hidden folder with many subdirectories, and some of these subdirectories contain a file without content :)

Initially I tried visiting the folders using the find command combined with cat, but I saw that the files were empty!

Analyzing further, we note that the filenames are all unique numbers and that there are 36 files in total (find . -type f | wc -l). This challenge is very easy, but it’s meaningless :/

If we look only at the files, we notice that besides there being 36 of them, they are also numbered sequentially from 1 to 36, and that’s the only logical thing here.

Strategy to own this challenge

We print the parent folder name of each file, sorted by the numeric filename from 1 to 36. This looks good to me, so let's go.

We can create a script to help here, then…

misdirection.py (https://gist.github.com/cleberjsantos/569f996456199cf264a54adf43a61518)

If we run “python misdirection.py”, it prints an ordered string, and the sorted content clearly shows a message. But remember that for these challenges there will be a flag that looks like HTB{something_else}, so I piped the Python output into a base64 decode to get the HTB flag.

python3 misdirection.py | base64 -d

HTB{XXX_XXX}
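
The gist's contents are not reproduced on this page, so here is an added example of the strategy described above (not the author's misdirection.py): it walks the tree, orders the parent folder names by the numeric filename, and base64-decodes the result. The function names and the command-line root argument are assumptions made for illustration.

```python
import base64
import os
import sys


def collect_pairs(root):
    """Return (file_number, parent_dir_name) for every numerically named file under root."""
    pairs = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            if name.isdigit():  # skips the script itself and other stray files
                pairs.append((int(name), os.path.basename(dirpath)))
    return pairs


def rebuild_string(root):
    """Concatenate parent directory names in ascending file-number order."""
    pairs = sorted(collect_pairs(root))  # integer sort, so 10 follows 9 rather than 1
    numbers = [n for n, _ in pairs]
    # The reordering only makes sense if the numbers are exactly 1..N, no gaps or repeats.
    if numbers != list(range(1, len(numbers) + 1)):
        raise ValueError(f"file numbers are not a clean 1..N sequence: {numbers}")
    return "".join(parent for _, parent in pairs)


def decode(encoded):
    """Base64-decode the rebuilt string, restoring padding if it was dropped."""
    padded = encoded + "=" * (-len(encoded) % 4)
    return base64.b64decode(padded, validate=True).decode("utf-8")


if __name__ == "__main__":
    # Assumption: the extracted hidden folder is passed as the first argument.
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    encoded = rebuild_string(root)
    print(encoded)          # the string the article pipes into base64 -d
    print(decode(encoded))  # same result as the pipe, done in Python
```

Sorting on int(name) matters here: a plain string sort of the filenames would place 10 before 2 and scramble the message.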
