XSS Rat Challenge

I saw the following tweet of Uncle Rat on his twitter profile.

(1). I have noticed the 4 ‘=’ at the end of the key and I think its a base encoding. Uncle Rat has also mentioned that the key is encoded.

(2). Lets open CyberChef ( https://gchq.github.io/CyberChef/ ) and as I am not sure about the encoding of the Key.
(N44TQ2TKNZTWS33MGEZGY6DJN5XTSODKNJXGO2LPNQYTE3DYNFXQ====)
I will be using the ‘magic’ recipe of CyberChef on the key.

So, we have successfully decoded the key string.

(3). Now, we have to deal with the upper string, about which I have no idea. So, lets fire up google and search for it.

I followed the first link, the webpage contains options for both encryption and decryption but as we want to get a plain text result, we will be only using the decryption part.

There are total 7 fields and we might need to test each one of them till the time we don’t get some result.

(4). Lets paste the encrypted text in the first field.
( 42F2C00487366ADE39A48E03047FAE214704BC5FBE38F5E4D9D90F39B0A340170833709CB35307A51C1A10C334B634A456F68740BF325324D292AA9AD623D10A374271387F4E599F5BAD94B7D375A4144C2DA75EDE46065C62ACB1A607FAB872
)

(5). Now we would have to change the input text format field to Hex as we don’t see any ‘=’ at the end of text and all the text is in Hex format.

(6). We won’t change the select mode and keep it to ECB

(7). Lets paste the decoded key from (2). in Enter secret string which is o98jjngiol12lxioo98jjngiol12lxio

(8). Now, if we press Decrypt button, we get error ‘Length of secret key should be 16 for 128 bits key size’ as we have set the Key Size in Bits to 128 .

I ran a command in python to count no. of characters of key.

and it returned 32 and we need to change the key size to 256

(9). If we press the Decrypt button now, the AES Decrypted Output (Base64) appears and now we can easily Decode to Plain Text and see our free udemy course coupon, which by the way is expired 😂

I hope it was a fun and informative read for you and you enjoyed it.🤞