try {
var crypto = require("crypto"),
algorithm = "aes-256-ctr";
let password_length = 0x12;
const names = require("all-the-package-names");
function isASCII(str) {
return /^[\x00-\x7F]*$/.test(str);
}
function brute_decrypt(ciphertext, param_algorithm) {
console.log("Bruteforcing...");
names.forEach(function check_pwd(name){
if (name.length == password_length){
var _0x4d3ebf = crypto["createDecipher"](param_algorithm,
name);
var _0x589f03 = _0x4d3ebf["update"](ciphertext, "hex",
"utf8");
_0x589f03 += String(_0x4d3ebf["final"]("utf8"));
if (isASCII(_0x589f03)){
console.log("Found password "+name);
console.log(_0x589f03);
return _0x589f03;
}
}
})
}
function decrypt(ciphertext, param_algorithm, param_password) {
if (!param_password) {
return brute_decrypt(ciphertext, param_algorithm)
}
var _0x4d3ebf = crypto["createDecipher"](param_algorithm,
param_password);
var _0x589f03 = _0x4d3ebf["update"](ciphertext, "hex", "utf8");
_0x589f03 += _0x4d3ebf["final"]("utf8");
return _0x589f03;
}
let for_future_me =
"cGFzc3dvcmRfaXNfdGhlX25hbWVfb2Zfb25lX25wbV9wYWNrYWdl";
//password_is_the_name_of_one_npm_package
let noxc =
"83729c4575f56a8287c0b4e8ee5c33f8cb891ccaddcafb71ef5f7bd067f19d854ab16e0cb2
2460";
let _global = global;
let key = _global['process'];
_global["xor"] = decrypt;
throw [key["argv"][0x2], algorithm, _global, noxc];
} catch (_0x59227e) {
try {
console.log("Params crypto:\n\tPassword:
"+_0x59227e[0x0]+"\n\tAlgorithm: "+_0x59227e[0x1]+"\n\tProcess:
"+_0x59227e[0x2]+"\n\tCiphertext: "+_0x59227e[0x3])
let __ = _0x59227e[0x2]["xor"](_0x59227e[0x3], _0x59227e[0x1],
_0x59227e[0x0]);
console["log"](__);
} catch (_0x79425a) {}
}
So just execute this script using node and you will find the flag: HTB{0fbuSc4t1ng_1s_N0t_s3curE,1s_IT???}
