CyberChef
CyberChef is a opensource tool that you may use locally or online to convert, parse or carry out well over 100 different operations.What is special about CyberChef is that it is provided as a plain HTML page. You can access it online here, or download a copy to your local system instead to use it even without Internet connection.
The operations that CyberChef supports are mostly useful to programmers and administrators, but may also be useful to students and others occasionally.
One of the main applications of CyberChef is the conversion of one data format into another. It is not the only, as it supports various parsing, code cleanup, and extraction operations as well on top of that.
Here I take a simple example of how to extract a secret file from the hex dump using CyberChef.
1: Here I take a hash dump which I found while solving one machine on HTB. I just copy a hex from the file and simply paste it here.
2: Now we have to extract some information from this dump so for that first we extract info from this hex dump by picking “from hex dump” and simply drag this option from the left panel to the medium, it automatically start baking your input.
3: As we got some output but we are unaware what is it. Its hard to tell anything from the output what type of file is it, for that we search for type in the left panel and from the result we just drag detect file type.
4: Now we have to unzip this file, again search for bzip2 decompress and drag this option before the detect file system because we have to bake the recepie so everything need to be in the order. We can’t drag and put this option after file type it shows us the error then. As you can see in the below image.
5: Again search for gzip decompresser gunzip this time and drag and put it after bzip2. Decompress it and again we see bzip2 file
6: Drag and put bzip2 decompresser after gunzip, and this time it bake and shows us the tar file.
7: Untar the above file, search the untar option from the left panel and put it after bzip2 decompresser, And it shows me the error then I untick all the options images,videos,documents etc which you can see in the below image.Finally this time we get our file (file.txt)which contain the password.
Hope this will help you guys in understanding the use of CyberChef.