Recovery

#

Date: 9^th March 2024
Challenge Author: perrythepwner
Difficulty: Very Easy
Category: Blockchain

TL;DR

#

• The challenge consist in recovery stolen BTC funds given an Electrum seed phrase in an hacked ssh instance.

Description

#

Hacker, help! During the war our infrastructure was compromised as were the private keys to our Bitcoin wallet that we kept.
We managed to track the hacker and were able to get some SSH credentials into one of his personal cloud instances, can you try to recover my Bitcoins?
satoshi:L4mb0Pr0j3ct
NOTE: Network is regtest, check connection info in the handler first.

Skills Required

#

• None

Skills Learned

#

• Bitcoin wallets
• Bitcoin regtest network
• Wallets seed phrases
• Electrum wallet setup & interaction
• Sending Bitcoins

Enumeration

#

We must find a way to recover the funds that were stolen from us.
We have been given an ssh instance that we can access with the credentials: satoshi:L4mb0Pr0j3ct

Once we login in we’ll note a electrum-wallet-seed.txt file inside the home directory. The players can google something like “electrum wallet seed” and find some interesting links:

• Electrum Seed Version System
• Restoring your standard wallet from seed - Bitcoin Electrum
• https://bitcoinelectrum.com/creating-an-electrum-wallet/

With these links alone the player will learn what’s a Bitcoin wallet, how to create/load it, what’s BIP39 etc.

Solution

#

Wallet Recovery

#

0. Install Electrum wallet client

1. Start the client in regtest mode as the description suggest

   

2. Standard wallet –> I already have seed –> insert the seed phrase found in the ssh instance

   

3. Change network to the Electrum server provided to connect to the blockchain

   

We could also started Electrum with the correct server from the cli, with: ./electrum-4.4.6-x86_64.AppImage --regtest --oneserver -s 0.0.0.0:50001:t

4. Connect to Challenge Handler to get the flag

   

5. Send back the Bitcoin to the given address.

   

   

   

HTB{n0t_y0ur_k3ys_n0t_y0ur_c01n5}