PW Crack 1

Download the challenge files in the same directory:

curl https://artifacts.picoctf.net/c/10/level1.py -o level1.py

curl https://artifacts.picoctf.net/c/10/level1.flag.txt.enc -o level1.flag.txt.enc

Read the encrypted flag:

cat level1.flag.txt.enc

And read the script:

cat level1.py

The first function str_xor as stated will not help us, so we will not focus on it.

flag_enc will open the encrypted flag file, and read it and saves it in it.

Then the level_1_pw_check called, and asks for input, and then compare that input to "691d", if True, it will continue the process and decrypt the flag, and print it, else it will print That password is incorrect and exit.

So all we have to do, is to run that script, and pass this password to it to decrypt the flag:

python3 level1.py
	691d

Here is the flag.

Since the process is just xoring, we can recover the flag with cyberchef:

I uploaded the encrypted flag, and used xor operation, and set the type of the key to UTF8, and the key is picoCTF{, as shown in the output 691d is repeated twice, so maybe if we take it and place in the key place:

Previousrepetitions NextPW Crack 2

Last updated 6 months ago