Skip to main content

Write-Up Deterministic HTB

·4 mins·
WriteUp HTB Challenge Python Cyberchef Misc
Table of Contents

In this writeup I will show you how I solved the Deterministic challenge from HackTheBox. The challenge is an easy misc challenge. Let’s start!

Initial Analysis
#

After downloading and unzipping the file we can see that there is only one file, deterministic.txt. Let’s open it and see what’s inside.

The states are correct but just for security reasons, 
each character of the password is XORed with a very super secret key.
100 H 110
110 T 111
111 B 112
112 { 113
113 l 114
114 0 115
115 l 116
116 _ 117
117 n 118
118 0 119
119 p 120
120 e 121
121 } 122
9 18 69
3 61 5
69 93 22
1 36 10
9 18 69
3 61 5
69 93 22
1 36 10
17 27 20
22 28 18
12 89 1
22 28 18
12 89 1
10 93 13
...

The description of the file is giving us a good hint. The file contains the states of a finite state machine. The states are correct but just for security reasons, each character of the password is XORed with a very super secret key. The key is the ASCII value of the character. So we have to find the ASCII value of the characters and XOR them with the ASCII value of the character. Let’s write a script to do this. I will use Python for this.

Python Script
#

This script will read the file and print the value in the middle of the 2 states.

first_state = 69420
last_state = 999

f_in = open("deterministic.txt", "r")

next = first_state
dic = {}

with open("deterministic.txt") as f_in:
	for line in f_in:
		values = line.strip().split(" ") # split the line in [state, value, next_state]

		# dic[state] = (value, next_state)
		try:
			dic[int(values[0])] = (int(values[1]), int(values[2])) # with int() ignore the ascii values
		except:
			pass

result = []

while next != last_state:
	temp = dic[next]
	result.append(temp[0])
	next = temp[1]

print(' '.join(str(i) for i in result))

When we run the script we get the following output:

48 6 28 73 4 8 7 8 14 12 13 73 29 6 73 25 8 26 26 73 29 1 27 6 28 14 1 73 8 5 5 73 29 1 12 73 10 6 27 27 12 10 29 73 26 29 8 29 12 26 73 6 15 73 29 1 12 73 8 28 29 6 4 8 29 8 73 8 7 13 73 27 12 8 10 1 73 29 1 12 73 15 0 7 8 5 73 26 29 8 29 12 71 73 36 8 7 16 73 25 12 6 25 5 12 73 29 27 0 12 13 73 29 6 73 13 6 73 29 1 0 26 73 11 16 73 1 8 7 13 73 8 7 13 73 15 8 0 5 12 13 71 71 73 38 7 5 16 73 29 1 12 73 27 12 8 5 73 6 7 12 26 73 4 8 7 8 14 12 13 73 29 6 73 27 12 8 10 1 73 29 1 12 73 15 0 7 8 5 73 26 29 8 29 12 71 73 48 6 28 73 8 5 26 6 73 15 6 28 7 13 73 29 1 12 73 26 12 10 27 12 29 73 2 12 16 73 29 6 73 13 12 10 27 16 25 29 73 29 1 12 73 4 12 26 26 8 14 12 71 73 48 6 28 73 8 27 12 73 29 27 28 5 16 73 30 6 27 29 1 16 72 72 73 48 6 28 73 26 1 6 28 5 13 73 11 12 73 27 12 30 8 27 13 12 13 73 30 0 29 1 73 29 1 0 26 73 14 0 15 29 72 73 61 1 12 73 25 8 26 26 25 1 27 8 26 12 73 29 6 73 28 7 5 6 10 2 73 29 1 12 73 13 6 6 27 73 0 26 83 73 33 61 43 18 93 28 29 89 36 93 29 93 54 93 27 90 54 47 28 60 28 39 54 93 7 45 54 39 89 29 54 45 88 15 47 88 10 60 5 29 72 72 20

As you can see, the output is a bunch of numbers. We can now use the hit that the description gave us and use Cyberchef.

Cyberchef
#

This is the receipe I used in Cyberchef:

Now we need to look for the key tried by cyberchef. We can see that the key is 69, indeed this is the message that appears:

Key = 69: You managed to pass through all the correct states of the automata and reach the final state. Many p

Now we just need to XOR the message with the key and we get the flag:

Marco Campione
Author
Marco Campione
MSc. Cybersecurity Student @KTH