Spookypass

Category Reversing
Difficulty Very Easy
Solves 13.9K
Rating 4.5/5
Reviews 103
Release 2024/11/13
Creator clubby789
First Blood HTB-Bot
User Rated Difficulty

Challenge Description

All the coolest ghosts in town are going to a party at a haunted house. Can you prove you deserve to enter?

Foothold

On the hackthebox platform, this challenge asks us to download a zip file. After downloading and extracting it, we get a file called pass, apparently an executable. When I ran it, it asked for a password; I certainly didn't have much success. I could even try a password-cracking script, but I don't think that's the intention, since it's not typical for a CTF of this type.

┌── ➤ rev_spookypass
└─ $ ./pass
Welcome to the SPOOKIEST party of the year.

Before we let you in, you'll need to give us the password: htb
You're not a real ghost; clear off!

It came to mind to use Ghidra, a reverse engineering tool that allows us to read compiled code. Opening the file with Ghidra, I was able to easily see the code, and it contained the expected password to decrypt the executable.

Screenshot

Using the password, I got the flag and the challenge solved.

Screenshot

Tags

reverse-engineering c reversing secrets ghidra

Notes

Some of this writeup is revised by AI. My own writing can be a bit clunky, so I get it to review certain parts to make things flow better and be a bit easier to read.

If you liked this content, please give me a respect on my Hack The Box profile. I'd be happy to hear I've helped you.

If anything here isn't clear, check out the cookbook. If you can't find the answer or need further clarification, please contact me at my e-mail.

Last updated: 2025-10-03