It’s Shahabor Hossain Rifat here.Today we will slove Cicada-3301 Vol:1 room on tryhackme.
So, without further ado, let’s get started.
So, at first download task files . After downloading I found a zip file and extracted the zip file. After extracting I got two files.
I found an audio file. Let’s analyze the audio file with Sonic Visualiser. After analyzing the audio file I found QR code.
After scanning the QR code I found the following link.
I visited the link and I found some text in Pastebin
Let’s decrypt the passphrase and key with CyberChef
Now to get the final passphrase
Let’s find the secret message with steghide from image .
Let’s visit the link. In this link I found an image. I downloaded the image and tried to find the hidden files using the outguess tool.
Outguess tool link : https://github.com/crorvick/outguess
[r1fat@exploit outguess]$ outguess -r image-link.jpg tryhackme Reading image-link.jpg.... Extracting usable bits: 29035 bits Steg retrieve: seed: 38, len: 1351 [r1fat@exploit outguess]$ cat tryhackme -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Welcome again. Here is a book code. To find the book, break this hash: b6a233fb9b2d8772b636ab581169b58c98bd4b8df25e452911ef75561df649edc8852846e81837136840f3aa453e83d86323082d5b6002a16bc20c1560828348 Use positive integers to go forward in the text use negative integers to go backwards in the text. I:1:6 I:2:15 I:3:26 I:5:4 I:6:15 I:10:26 / / I:13:5 I:13:1 I:14:7 I:3:29 I:19:8 I:22:25 / I:23:-1 I:19:-1 I:2:21 I:5:9 I:24:-2 I:22:1 I:38:1 Good luck. 3301 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJQ5QoZAAoJEBgfAeV6NQkPf2IQAKWgwI5EC33Hzje+YfeaLf6m sLKjpc2Go98BWGReikDLS4PpkjX962L4Q3TZyzGenjJSUAEcyoHVINbqvK1sMvE5 9lBPmsdBMDPreA8oAZ3cbwtI3QuOFi3tY2qI5sJ7GSfUgiuI6FVVYTU/iXhXbHtL boY4Sql5y7GaZ65cmH0eA6/418d9KL3Qq3qkTcM/tRAHhOZFMZfT42nsbcvZ2sWi YyrAT5C+gs53YhODxEY0T9M2fam5AgUIWrMQa3oTRHSoNAefrDuOE7YtPy40j7kk 5/5RztmAzeEdRd8QS1ktHMezXEhdDP/DEdIJCLT5eA27VnTY4+x1Ag9tsDFuitY4 2kEaVtCrf/36JAAwEcwOg2B/stdjXe10RHFStY0N9wQdReW3yAOBohvtOubicbYY mSCS1Bx91z7uYOo2QwtRaxNs69beSSy+oWBef4uTir8Q6WmgJpmzgmeG7ttEHquj 69CLSOWOm6Yc6qixsZy7ZkYDrSVrPwpAZdEXip7OHST5QE/Rd1M8RWCOODba16Lu URKvgl0/nZumrPQYbB1roxAaCMtlMoIOvwcyldO0iOQ/2iD4Y0L4sTL7ojq2UYwX bCotrhYv1srzBIOh+8vuBhV9ROnf/gab4tJII063EmztkBJ+HLfst0qZFAPHQG22 41kaNgYIYeikTrweFqSK =Ybd6 -----END PGP SIGNATURE-----
let’s analyze the hash
Decrypt the hash
let’s do the Book Cipher
I:1:6 = h # Exemple 1 = number 1 line , 6 = 6 number character I:2:15 = t I:3:26 = t I:5:4 = p I:6:15 = s I:10:26 = : / = / / = / I:13:5 = b I:13:1 = i I:14:7 = t I:3:29 = . I:19:8 = l I:22:25 = y / = / I:23:-1 = 3 I:19:-1 = 9 I:2:21 = p I:5:9 = w I:24:-2 = 2 I:22:1 = N I:38:1 = H
After completing this I found another link
Hope you guys enjoyed this tryhackme Walkthrough .