Valentine Special Challenge | Tryhackme Writeup/Walkthrough | by Md Amiruddin

This is a writeup/walkthrough of Tryhackme room “Valentine Special Challenge” by Md Amiruddin

Room link : https://tryhackme.com/jr/valentinespecialchallenge

Task 1 : Tools Required

Setting Up John The Ripper

If you’re using Parrot OS, Kali Linux or TryHackMe’s own AttackBox- you should already have Jumbo John installed. You can double check this by typing john into the terminal. You should be met with a usage guide for john, with the first line reading: "John the Ripper 1.9.0-jumbo-1" or similar with a different version number. If not, you can use sudo apt install john to install it.

Cracking a Password Protected Zip File using John The Ripper

We can use John to crack the password on password protected Zip files.

Example Usage

zip2john zipfile.zip > ziphash.txt

For cracking use this command

john --wordlist=/usr/share/wordlists/rockyou.txt ziphash.txt

Symmetric encryption

A symmetric encryption algorithm uses the same key for encryption and decryption. Consequently, the communicating parties need to agree on a secret key before being able to exchange any messages.

We can decrypt a file using OpenSSL using the following command:

Note: you have to provide the secret key in order to decrypt it.

openssl aes-256-cbc -d -in encrypted_message -out message.txt

Install ExifTool

To install the ExifTool component, execute the following command:

sudo apt-get update && sudo apt-get install -y libimage-exiftool-perl

Task 2 : Challenge

Recently lordofficial has fallen in love with a cybergirl and she has send one love letter to him. In order to accept the valentine date request he needs to crack that love letter so, you are all requested to help him in order to accept her valentine request.

Answer the questions below :

Crack the password of love letter zip file using rockyou.txt wordlist.

What is the password for the love_letter.zip file?

Command used

┌─[lordofficial@parrot]─[~]
└──╼ $zip2john love_letter.zip > hash.txt

┌─[lordofficial@parrot]─[~]
└──╼ $john --wordlist=/usr/share/wordlists/rockyou.txt hash.txt

This is how we got our Answer 1.

2. What city is this person in?

Now we will use exif tool.

command used :

┌─[lordofficial@parrot]─[~]
└──╼ $exiftool valentine.jpg

This is how we got our Answer 2.

3. What is the Description of valentine.jpg file ?

This is how we got our Answer 3.

4. Decrypt the file valentine_message encrypted (using AES256-CBC) with the key using openssl.

What is the key to decrypt the file?

this looks suspicious so, we will use lordofficial@1377 to decrypt the valentine_message and it works.

command used :

┌─[lordofficial@parrot]─[~]
└──╼ $openssl aes-256-cbc -d -in valentine_message -out original_message.txt
enter aes-256-cbc decryption password:lordofficial@1377

This is how we got our Answer 4.

5. what is the hint you got after decrypting the valentine_message ?

Open the original_meassag.txt to read the hint.

This is how we got our Answer 5.

6. Decode the hint. what is the deoded hint ?

command used

echo '{decoded-hint}' | base64 --decode

This is how we got our Answer 6.

7. What is the Final flag ?

Go to the web browser and type the decoded hint and it will give your final flag.

This is how we got our Answer 7 final flag.