Official discussion thread for Fishy HTTP. Please do not post any spoilers or big hints.
I set up the same and proper webserver. Eventually, the program executes following command
dir && cd \Users\pakcyberbot && echo 'you are hacked' > notes.txt
Any idea? My Discord is @sarpthebolt
Don’t trust tools such Detect It Easy. I wasted so much time because of this.
Once you decompile the binary, it’s not that hard to get flag.
I am sure there are easier ways to solve this than how I did it, but for anyone coming here looking for a hint here are the tools I used: a windows debugger, a webserver, wireshark, awk / text editor, and an online decoder.
If the above is too much of a hint please let me know.
I got both the parts but for some reason flag is not correct
part1: HTB}*****_******_***
part2: ****_********_********}
I tried few combinations but they didn’t work.
I know I have the flag, yet it is still wrong. I did both parts in order to get the flag. Pretty obvious the flag is right considering the phrase. If it is capital sensitive, still did not work. How do I submit this flag or is it a challenge in itself.
There’s a chance there’s something in between the two flags parts I have rn but I’m not convinced just yet.
I am back, it was the case sensitivity lmaoooo
It’s way past the release so I don’t know if I’ll get a response, but was it my de-compiler that interpreted code wrong, or did everyone else need to slightly adjust the DecodeData function in order to get things to decode correctly?