1 - Lab setup
You can find the room here and it's a FREE challenge room.
There didn’t seem to be a remote machine associated with this lab. I just started the chat bot and interacted with it.
2 - Discovery
I started the chat with the Bot to see what kind of interactions I can have. Right away I noticed that the Bot returned what appears to be an MD5 hash and it claimed that it's a verification code. I decided to use that code and present it to it for another query to see if that elicits a different kind of response such as a different hash.

3 - Digging into the Hash
I thought this challenge had to do with cracking the hash so I wanted to verify whether it was a regular MD5 hash or not. On the Kali CLI I ran 9d4f6a2e8c1b5d7f3a9e6c4b8d2f5a7c with the hashid tool and it confirmed that’s possibly an MD5 hash. I tried to reverse lookup the hash value on CrackStation and on hashes.com and both didn’t return any values.
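An added example, not part of the original write-up: a shape check on the verification code quoted above. It lists the algorithms whose hex digests have that length and charset, which is why format-based identification can only say "possibly MD5", and it also tests whether digits and letters strictly alternate in the string; the function names and the control input are constructed for illustration.

```python
import hashlib
import string

# Verification code quoted in the write-up above.
CODE = "9d4f6a2e8c1b5d7f3a9e6c4b8d2f5a7c"

# Hex-digest length -> common algorithms with that output size.
CANDIDATES_BY_HEX_LEN = {
    32: ["MD5", "MD4", "NTLM"],
    40: ["SHA-1", "RIPEMD-160"],
    64: ["SHA-256", "SHA3-256"],
    128: ["SHA-512", "SHA3-512"],
}

def candidate_algorithms(token):
    """Algorithms whose hex digest matches the token's shape (length + charset)."""
    token = token.strip().lower()
    if not token or any(c not in string.hexdigits for c in token):
        return []
    return CANDIDATES_BY_HEX_LEN.get(len(token), [])

def strictly_alternates(token):
    """True if every adjacent pair is one decimal digit and one a-f letter."""
    kinds = [c.isdigit() for c in token.strip().lower()]
    return len(kinds) > 1 and all(a != b for a, b in zip(kinds, kinds[1:]))

def alternation_probability(n):
    """Chance that n uniformly random hex characters strictly alternate."""
    p_digit, p_letter = 10 / 16, 6 / 16
    digit_first = letter_first = 1.0
    for i in range(n):
        digit_first *= p_digit if i % 2 == 0 else p_letter
        letter_first *= p_letter if i % 2 == 0 else p_digit
    return digit_first + letter_first

if __name__ == "__main__":
    control = hashlib.md5(b"hello").hexdigest()  # constructed control input
    for label, token in (("code from the bot", CODE), ("md5('hello')", control)):
        print(label, token)
        print("  candidates:", candidate_algorithms(token))
        print("  strictly alternates:", strictly_alternates(token))
    print("P(alternating | random 32 hex chars) =", alternation_probability(32))
```

The code from the bot alternates digit and letter across all 32 characters, which a real digest would do with probability of roughly 1.7e-10; that is consistent with a placeholder string rather than the output of a hash function.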
4 - Engaging with the chatbot
I decided to ask it directly about the hash value and observe if it triggers any special response. I noticed that it keeps repeating that hashed value. I thought asking it directly about the hash could provide more clues about the hash value but I didn’t find anything of interest.


5 - Understanding the chatbot’s functionality
Since the hash value cracking hit a dead end, I thought I'd explore the bot's main functionality to see if it leaks any information or if I can find any other clues. It posted a love letter as it's supposed to.

6 - Breaking the bot
At this point I realized that my approach wasn't working. I decided to try telling the bot that its output is incorrect and see how it behaves. I told it that the verification code (the hash it keeps repeating) is incorrect. I wanted to follow this up with telling it that it did a poor job and needs fixing and see how it behaves. However, when I read its reply I saw the mention of “flags”:

7 - Asking nicely
Given that the system has flag settings I asked it to provide those to me and with that all the flags of the challenge were presented.

Recap
- CupidBot provides replies to conversational messages and provides a hash as a verification code
- I thought that since the verification code is a hash, it's where the puzzle lies and it needs to be cracked.
- I tried to crack the hash using different tools but I couldn't get a positive result.
- I continued to interact with the Bot and that's when it leaked that there are certain flags that can be used.
- I asked it what these flags were and it provided all the flags to me.
- The challenge here doesn't involve hashes, and simply requires direct engagement with the bot to get the flags.
⚠️ Note: The text write up above was NOT edited or corrected by any AI tool and it's intentionally left this way with its human flaws