Note to fellow-HTBers: Only write-ups of retired HTB machines or challenges are allowed.

Challenge info

0ld is g0ld [by subzer0x0]
Old algorithms are not a waste, but are really precious…

The challenge

We start of by downloading the file and verifying it’s sha256sum with the hash displayed on the challenge page.

$ sha256sum 

We then procedd to unzip this file using the password provided on the challenge page. This will give us a PDF file.

$ unzip 
[] 0ld is g0ld.pdf password: 
  inflating: 0ld is g0ld.pdf

This PDF is password protected.

‘0ld is g0ld.pdf’ requires a password before it can be opened

Analysing the PDF

If you don’t have experience with analysing PDF files, I recommend you go an visit Didier Stevens’ blog. Didier has built some amazing tools to analyse PDF and OLE documents.
The following blog post might be particularly interesting for this challenge:

We use some of Didier Stevens’ tools to analyse the PDF as to gain some insight on the PDF password protection / encryption technique used here.

$ ~/Documents/Tools/DidierStevens/ '0ld is g0ld.pdf'
PDFiD 0.2.5 0ld is g0ld.pdf
 PDF Header: %PDF-1.6
 obj                   15
 endobj                15
 stream                 5
 endstream              5
 xref                   2
 trailer                2
 startxref              2
 /Page                  1
 /Encrypt               2
 /ObjStm                1
 /JS                    0
 /JavaScript            0
 /AA                    0
 /OpenAction            0
 /AcroForm              0
 /JBIG2Decode           0
 /RichMedia             0
 /Launch                0
 /EmbeddedFile          0
 /XFA                   0
 /URI                   0
 /Colors > 2^24         0
$ ~/Documents/Tools/DidierStevens/ -s Encrypt '0ld is g0ld.pdf' 
    /Size 45
    /Root 1 0 R
    /Info 10 0 R
    /ID [<5C8F37D2A45EB64E9DBBF71CA3E86861><5C8F37D2A45EB64E9DBBF71CA3E86861>]
    /Encrypt 43 0 R

    /Size 45
    /Root 1 0 R
    /Info 10 0 R
    /ID [<5C8F37D2A45EB64E9DBBF71CA3E86861><5C8F37D2A45EB64E9DBBF71CA3E86861>]
    /Encrypt 43 0 R
    /Prev 196676
    /XRefStm 196344

$ ~/Documents/Tools/DidierStevens/ -o 43 '0ld is g0ld.pdf' 
obj 43 0

            /AuthEvent /DocOpen
            /CFM /AESV2
            /Length 16
    /Filter /Standard
    /Length 128
    /O <702CC7CED92B595274B7918DCB6DC74BEDEF6EF851B4B4B5B8C88732BA4DAC0C>
    /P -1060
    /R 4
    /StmF /StdCF
    /StrF /StdCF
    /U <9CBA5CFB1C536F1384BBA7458AAE3F8100000000000000000000000000000000>
    /V 4

Note that the key lenght is 128 bits. As indicated in the file header we’re dealing with a PDF that was created using the PDF-1.6 standard.

Cracking the password

As with the previous challenge, we create a hash file. But since we’ll be using hashcat this time, we’ll need to strip some data from the hash file.

$ /usr/share/john/ '0ld is g0ld.pdf' > /tmp/encrypted.hash
$ cat /tmp/encrypted.hash 
0ld is g0ld.pdf:$pdf$4*4*128*-1060*1*16*5c8f37d2a45eb64e9dbbf71ca3e86861*32*9cba5cfb1c536f1384bba7458aae3f8100000000000000000000000000000000*32*702cc7ced92b595274b7918dcb6dc74bedef6ef851b4b4b5b8c88732ba4dac0c

$ awk -F: '{ print $2 }' /tmp/encrypted.hash | tee /tmp/encrypted.hashcat

We then run hashcat using the following parameters:
-m 10500 = “PDF 1.4 - 1.6 (Acrobat 5 - 8)” hash mode
-a 0 = “Straight” attack mode

$ sudo hashcat -m 10500 -a 0 --force /tmp/encrypted.hashcat /usr/share/wordlists/rockyou.txt
Dictionary cache hit:
* Filename..: /usr/share/wordlists/rockyou.txt
* Passwords.: 14344385
* Bytes.....: 139921507
* Keyspace..: 14344385


Getting the flag

We can now open the PDF file using our default PDF viewer, decrypting it using the password we just discovered.

$ xdg-open 0ld\ is\ g0ld.pdf

The PDF contains a picture of Samuel Morse which is a hint as to how we can retrieve the flag.

Samuel Morse, co-developer of Morse code

Scrolling further down the document (and zooming in) reveals a series of dots and dashes, i.e. morse code.

.-. .---- .--. ... .- -- ..- ...-- .-.. -- ----- .-. ... ...--

Converting this code using an online Morse code converter (e.g. finally gives us the flag.
Note that you’ll need to format this to fit the Hack The Box syntax requirements.