Hackthebox challenge writeup - Templed

Sat 26 December 2020

A writeup of how I approached the HTB challenge Templed. Hackthebox is a fun platform that lets you work on your enumeration, pentesting and hacking skills.


This is my first crypto challenge. I have no idea what I am up for.

The challenge start with the download of a .zip file, and inside that you find a file Scroll.png

My first thought is that this is some kind of substitution cipher, meaning that each of the signs in the text represents a letter.

So I counted up how often each sign is represented in the text, so that I can compare that to a frequencytable I found on Wikipedia https://en.wikipedia.org/wiki/Frequency_analysis:

What can we assume?

  • 16 characters.
  • 14 unique characters.
  • It can be one or multiple words.
  • The word(s) might be separated, or not.

Let's line up what we know:

1  2  3  4  5  6  7  8  9  10  11  12  13  14  15  16
x  x  x  x  x  x  x  x  x  x   x   x   x   x   x   x
_  _  _  _  _  _  y  z  _  _   z   y   _   _   _   _
# If we trust the frequency analysis we can try substitute our multiple occurences according the chart
_  _  _  _  _  _  e  t  _  _   e   t   _   _   _   _
_  _  _  _  _  _  t  e  _  _   t   e   _   _   _   _

This look very crossword-like to me, so lets try a tool designed for solving crosswords: https://crossword-dictionary.com/

We do have some hits with the te patterns in it. But if we examine the results, none of them can be correct given that we know:

  • That te / et is the only pattern we have.
  • That t and e is the only letters occuring more than once.

This approach did not work out, so the thoughtprocess is kickstarted.

Looking for visual clues

The challenge is called templed and the image is named scroll. The text that comes with the challenge hinting about a temple, so let transform the image to see if we can learn more about it.

  • Original
  • Flip Horizontal
  • Flip Vertical
  • Rotate 180
  • Rotate 90 clockwise
  • Rotate 90 counterclockwise

Looking for different symbolciphers on the Internet

So far we have avoided searching the obvious keywords on your favorite searchengine. But I suspect this challenge to be really easy to solve if we just find the correct source of information.

I start at my favorite cryptosite: https://www.dcode.fr/en and search for symbols.

After some more searching we find this nugget: http://www.davidaking.org/Ciphers.htm:

Counting the oldschool way

As we can se from the chart, every number consist of a stem '|' which is varied by attaching various additions. I.e every sign in our secret message which contain the shape 'L' is a "1xy".

If we apply our new knowledge to our solution we will end up with this translation:

Which in a more copy-paste friendly way is:

72 84 66 123 77 48 78 107 115 95 107 78 51 119 33 125

I have a feeling that we are not quite done yet. These numbers might translate into letters somehow, so let find a number-to-letter translator: https://www.boxentriq.com/code-breaking/numbers-to-letters


Congratulations, you have solved the crypto challenge.