LootStash — HackTheBox

Description

A giant stash of powerful weapons and gear have been dropped into the arena - but there's one item you have in mind. Can you filter through the stack to get to the one thing you really need?

The task provides a zip archive with a single file stash — an ELF binary containing hundreds of decoy strings. The goal is to find the flag among the "junk" data.

Analysis

File Identification

$ file stash
stash: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, not stripped

Standard 64-bit ELF, dynamically linked, not stripped — no signs of packing or obfuscation.

String Examination

$ strings stash | head -30
Ebony, Core of Perdition
Phantomdream, Trinket of the Corrupted
Shadowstrike, Pendant of Twilight's End
Doomhowl, Relic of the Fallen
Stormfang, Amulet of Eternal Fury
...

The binary contains hundreds of strings with fantasy weapon and gear names — this is the "loot stash". The strings appear to be decorative noise, among which the flag is hidden.

Finding the Flag

$ strings stash | grep "HTB{"
HTB{n33dl3_1n_a_l00t_stack}

The flag was found instantly — it's stored in plaintext among hundreds of decoy strings. No encryption, encoding, or obfuscation was applied.

Meaning of the Name

The flag HTB{n33dl3_1n_a_l00t_stack} is leetspeak for "needle in a loot stack", a play on the idiom "needle in a haystack". The task description directly hints at this: you need to "filter through the stack" to find the one thing you need.

Solution

Commands

# 1. Extract the archive
unzip rev_lootstash.zip

# 2. Identify the file
file stash

# 3. Find the flag
strings stash | grep "HTB{"

...