Challenge Author: LT ‘SYREAL’ JONES
Category: General Skills
Difficulty: Easy
Description
Can you crack the password to get the flag? Download the password checker here and you’ll need the encrypted flag in the same directory too.
Process / Notes
wgetthe password checker and encrypted flagcatboth- In the decoder program it looks like if the password id 4 specific Unicode characters, you’ll pass and be able to decode the flag
- The characters are 0x33 0x39 0x63 0x65
- Or is this hex?
- It looks like there’s an ASCII conversion
| Hex | Decimal | ASCII |
|---|---|---|
| 0x33 | 51 | 3 |
| 0x39 | 57 | 9 |
| 0x63 | 99 | c |
| 0x65 | 101 | e |
- Running the program and trying the password ‘39ce’
- The flag is revealed!
- I figured it could be solved on the command line rather than with a table with
$ echo '0x33 0x39 0x63 0x65' | xxd -rp
13 minutes 10 seconds to complete
Hints
- Does the encoding look familiar?
- The str_xor function does not need to be reverse-engineered for this challenge
Core Lessons
- Recognize the encoding pattern
- Understand how to convert the encoded text into plain text