0ld is g0ld
Note to fellow HTBers: Only write-ups of retired HTB machines or challenges are allowed.
Challenge info
0ld is g0ld [by subzer0x0]
Old algorithms are not a waste, but are really precious…
The challenge
We start off by downloading the 0ld_is_g0ld.zip file and verifying its sha256sum against the hash displayed on the challenge page.
$ sha256sum 0ld_is_g0ld.zip
26961d9545f97bdd8effbfd95038dca84281728d2200c5767e8ad9b94989def1 0ld_is_g0ld.zip
We then proceed to unzip this file using the password provided on the challenge page. This gives us a PDF file.
$ unzip 0ld_is_g0ld.zip
Archive: 0ld_is_g0ld.zip
[0ld_is_g0ld.zip] 0ld is g0ld.pdf password:
inflating: 0ld is g0ld.pdf
This PDF is password protected.

Analysing the PDF
If you don’t have experience with analysing PDF files, I recommend you go and visit Didier Stevens’ blog. Didier has built some amazing tools to analyse PDF and OLE documents.
The following blog post might be particularly interesting for this challenge: https://blog.didierstevens.com/2017/12/26/cracking-encrypted-pdfs-part-1/.
We use some of Didier Stevens’ tools to analyse the PDF and gain some insight into the password protection / encryption technique used here.
$ ~/Documents/Tools/DidierStevens/pdfid.py '0ld is g0ld.pdf'
PDFiD 0.2.5 0ld is g0ld.pdf
PDF Header: %PDF-1.6
obj 15
endobj 15
stream 5
endstream 5
xref 2
trailer 2
startxref 2
/Page 1
/Encrypt 2
/ObjStm 1
/JS 0
/JavaScript 0
/AA 0
/OpenAction 0
/AcroForm 0
/JBIG2Decode 0
/RichMedia 0
/Launch 0
/EmbeddedFile 0
/XFA 0
/URI 0
/Colors > 2^24 0
$ ~/Documents/Tools/DidierStevens/pdf-parser.py -s Encrypt '0ld is g0ld.pdf'
trailer
<<
/Size 45
/Root 1 0 R
/Info 10 0 R
/ID [<5C8F37D2A45EB64E9DBBF71CA3E86861><5C8F37D2A45EB64E9DBBF71CA3E86861>]
/Encrypt 43 0 R
>>
trailer
<<
/Size 45
/Root 1 0 R
/Info 10 0 R
/ID [<5C8F37D2A45EB64E9DBBF71CA3E86861><5C8F37D2A45EB64E9DBBF71CA3E86861>]
/Encrypt 43 0 R
/Prev 196676
/XRefStm 196344
>>
$ ~/Documents/Tools/DidierStevens/pdf-parser.py -o 43 '0ld is g0ld.pdf'
obj 43 0
Type:
Referencing:
<<
/CF
<<
/StdCF
<<
/AuthEvent /DocOpen
/CFM /AESV2
/Length 16
>>
>>
/Filter /Standard
/Length 128
/O <702CC7CED92B595274B7918DCB6DC74BEDEF6EF851B4B4B5B8C88732BA4DAC0C>
/P -1060
/R 4
/StmF /StdCF
/StrF /StdCF
/U <9CBA5CFB1C536F1384BBA7458AAE3F8100000000000000000000000000000000>
/V 4
>>
Note that the key length is 128 bits. As indicated in the file header, we’re dealing with a PDF that was created using the PDF-1.6 standard.
Cracking the password
As with the previous challenge, we create a hash file. But since we’ll be using hashcat this time, we need to strip the filename prefix from the hash line.
$ /usr/share/john/pdf2john.pl '0ld is g0ld.pdf' > /tmp/encrypted.hash
$ cat /tmp/encrypted.hash
0ld is g0ld.pdf:$pdf$4*4*128*-1060*1*16*5c8f37d2a45eb64e9dbbf71ca3e86861*32*9cba5cfb1c536f1384bba7458aae3f8100000000000000000000000000000000*32*702cc7ced92b595274b7918dcb6dc74bedef6ef851b4b4b5b8c88732ba4dac0c
$ awk -F: '{ print $2 }' /tmp/encrypted.hash | tee /tmp/encrypted.hashcat
$pdf$4*4*128*-1060*1*16*5c8f37d2a45eb64e9dbbf71ca3e86861*32*9cba5cfb1c536f1384bba7458aae3f8100000000000000000000000000000000*32*702cc7ced92b595274b7918dcb6dc74bedef6ef851b4b4b5b8c88732ba4dac0c
We then run hashcat using the following parameters:
-m 10500 = “PDF 1.4 - 1.6 (Acrobat 5 - 8)” hash mode
-a 0 = “Straight” attack mode
$ sudo hashcat -m 10500 -a 0 --force /tmp/encrypted.hashcat /usr/share/wordlists/rockyou.txt
[...]
Dictionary cache hit:
* Filename..: /usr/share/wordlists/rockyou.txt
* Passwords.: 14344385
* Bytes.....: 139921507
* Keyspace..: 14344385
$pdf$4*4*128*-1060*1*16*5c8f37d2a45eb64e9dbbf71ca3e86861*32*9cba5cfb1c536f1384bba7458aae3f8100000000000000000000000000000000*32*702cc7ced92b595274b7918dcb6dc74bedef6ef851b4b4b5b8c88732ba4dac0c:jumanji69
[...]
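To see what hashcat is actually computing for every wordlist entry with that $pdf$ line, here is an added example (my own code, not from the write-up and not from Didier Stevens’ or hashcat’s tools) that parses the pdf2john line from above and runs the PDF standard security handler’s user-password check for /R 4 documents (Algorithms 3.2 and 3.5 of the PDF 1.6 reference) using only the Python standard library; the function and variable names are my own. It also shows why the dictionary attack is so cheap: one guess costs 51 MD5 calls and 20 short RC4 passes, with the document /ID as the only salt and no configurable work factor, so an AES-128 document is exactly as strong as the password chosen for it.

```python
import hashlib
import struct

# 32-byte padding string fixed by the PDF specification (Algorithm 3.2, step a).
PAD = bytes([
    0x28, 0xBF, 0x4E, 0x5E, 0x4E, 0x75, 0x8A, 0x41, 0x64, 0x00, 0x4E, 0x56,
    0xFF, 0xFA, 0x01, 0x08, 0x2E, 0x2E, 0x00, 0xB6, 0xD0, 0x68, 0x3E, 0x80,
    0x2F, 0x0C, 0xA9, 0xFE, 0x64, 0x53, 0x69, 0x7A,
])

# The $pdf$ line exactly as pdf2john printed it in the write-up.
PDF_HASH = (
    "$pdf$4*4*128*-1060*1*16*5c8f37d2a45eb64e9dbbf71ca3e86861*32*"
    "9cba5cfb1c536f1384bba7458aae3f8100000000000000000000000000000000*32*"
    "702cc7ced92b595274b7918dcb6dc74bedef6ef851b4b4b5b8c88732ba4dac0c"
)


def parse_pdf_hash(line: str) -> dict:
    """Split a pdf2john line (V*R*Length*P*EncryptMetadata*idlen*ID*ulen*U*olen*O)
    back into the Encrypt-dictionary values it encodes."""
    if not line.startswith("$pdf$"):
        raise ValueError("not a pdf2john hash line")
    f = line[len("$pdf$"):].split("*")
    v, r, length, p, enc_meta = (int(x) for x in f[:5])
    doc_id, u, o = (bytes.fromhex(f[i]) for i in (6, 8, 10))
    if (len(doc_id), len(u), len(o)) != (int(f[5]), int(f[7]), int(f[9])):
        raise ValueError("length fields do not match the hex data")
    return {"V": v, "R": r, "Length": length, "P": p,
            "EncryptMetadata": bool(enc_meta), "ID": doc_id, "U": u, "O": o}


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4; the /U check uses RC4 even when streams are /AESV2."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def compute_key(params: dict, password: bytes) -> bytes:
    """Algorithm 3.2: derive the file encryption key from a user password."""
    n = 5 if params["R"] == 2 else params["Length"] // 8   # 16 bytes for /Length 128
    h = hashlib.md5((password + PAD)[:32])
    h.update(params["O"])
    h.update(struct.pack("<I", params["P"] & 0xFFFFFFFF))  # /P as unsigned little-endian
    h.update(params["ID"])                                 # first element of /ID
    if params["R"] >= 4 and not params["EncryptMetadata"]:
        h.update(b"\xff\xff\xff\xff")
    key = h.digest()
    if params["R"] >= 3:
        for _ in range(50):   # the only key stretching R3/R4 has: 50 extra MD5 rounds
            key = hashlib.md5(key[:n]).digest()
    return key[:n]


def verify_user_password(line: str, password: str) -> bool:
    """Algorithms 3.4-3.6: True when `password` opens the document as its user password."""
    params = parse_pdf_hash(line)
    key = compute_key(params, password.encode("latin-1"))
    if params["R"] == 2:
        return rc4(key, PAD) == params["U"]
    h = hashlib.md5(PAD)
    h.update(params["ID"])
    x = rc4(key, h.digest())
    for i in range(1, 20):   # 19 more RC4 passes, each key byte XORed with the counter
        x = rc4(bytes(b ^ i for b in key), x)
    # For R >= 3 only the first 16 bytes of /U are significant; the rest is padding.
    return x == params["U"][:16]


if __name__ == "__main__":
    for guess in ("password", "jumanji69"):
        print(f"{guess!r}: {verify_user_password(PDF_HASH, guess)}")
```

Running the script checks the two guesses against the write-up’s hash; the wrong one is rejected and the one hashcat found is accepted. The same routine, looped over a wordlist, is all a cracker needs, which is the practical reason to treat PDF owner/user passwords as an access-control hint rather than as encryption at rest.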
Getting the flag
We can now open the PDF file using our default PDF viewer, decrypting it using the password we just discovered.
$ xdg-open 0ld\ is\ g0ld.pdf
The PDF contains a picture of Samuel Morse, which is a hint as to how we can retrieve the flag.

Scrolling further down the document (and zooming in) reveals a series of dots and dashes, i.e. Morse code.
.-. .---- .--. ... .- -- ..- ...-- .-.. -- ----- .-. ... ...--
Converting this code using an online Morse code converter (e.g. https://morsecode.scphillips.com/translator.html) finally gives us the flag.
Note that you’ll need to format this to fit the Hack The Box syntax requirements.
R1PSAMU3LM0RS3
==> HTB{R1PSAMU3LM0RS3}
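The conversion can also be done offline. The following is an added example (my own code, not from the write-up) with a small table-driven decoder; it goes slightly beyond the page by handling word separators (a slash or three or more spaces) and rejecting tokens that are not valid Morse, and the helper names are my own.

```python
import re

# International Morse code, letters and digits.
MORSE = {
    ".-": "A", "-...": "B", "-.-.": "C", "-..": "D", ".": "E", "..-.": "F",
    "--.": "G", "....": "H", "..": "I", ".---": "J", "-.-": "K", ".-..": "L",
    "--": "M", "-.": "N", "---": "O", ".--.": "P", "--.-": "Q", ".-.": "R",
    "...": "S", "-": "T", "..-": "U", "...-": "V", ".--": "W", "-..-": "X",
    "-.--": "Y", "--..": "Z",
    "-----": "0", ".----": "1", "..---": "2", "...--": "3", "....-": "4",
    ".....": "5", "-....": "6", "--...": "7", "---..": "8", "----.": "9",
}

# The sequence as it appears in the PDF (copied from the write-up).
FLAG_MORSE = ".-. .---- .--. ... .- -- ..- ...-- .-.. -- ----- .-. ... ...--"


def decode_morse(code: str) -> str:
    """Decode Morse text: letters separated by one space, words by '/' or 3+ spaces."""
    words = [w for w in re.split(r"\s{3,}|\s*/\s*", code.strip()) if w]
    decoded = []
    for word in words:
        letters = []
        for token in word.split():
            if token not in MORSE:
                raise ValueError(f"unknown Morse token: {token!r}")
            letters.append(MORSE[token])
        decoded.append("".join(letters))
    return " ".join(decoded)


def htb_flag(code: str) -> str:
    """Wrap the decoded text in the Hack The Box flag syntax (spaces removed)."""
    return "HTB{" + decode_morse(code).replace(" ", "") + "}"


if __name__ == "__main__":
    print(decode_morse(FLAG_MORSE))
    print(htb_flag(FLAG_MORSE))
```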