PicoCTF - PW Crack 5

Challenge

Tags

Beginner picoMini 2022 / General skill / password cracking / hashing

Description

Can you crack the password to get the flag?
Download the password checker here and you’ll need the encrypted flag and the hash in the same directory too. Here’s a dictionary with all possible passwords based on the password conventions we’ve seen so far.

Writeup

This challenge is very similar to PW Crack 4; the only new step is reading dictionary.txt, splitting it into candidate passwords and iterating over them.
Modify the level5.py script as follows:

import hashlib

### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
    #extend key to secret length
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)        
    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################

flag_enc = open('level5.flag.txt.enc', 'rb').read()
correct_pw_hash = open('level5.hash.bin', 'rb').read()


def hash_pw(pw_str):
    pw_bytes = bytearray()
    pw_bytes.extend(pw_str.encode())
    m = hashlib.md5()
    m.update(pw_bytes)
    return m.digest()


def level_5_pw_check(pw):
    user_pw = pw
    user_pw_hash = hash_pw(user_pw)
    
    if( user_pw_hash == correct_pw_hash ):
        print("Welcome back... your flag, user:")
        decryption = str_xor(flag_enc.decode(), user_pw)
        return decryption
    else:
        return "That password is incorrect"
    
# Read the dictionary and split it on whitespace into candidate passwords
list_ = open('dictionary.txt', 'r').read().split()

for x in list_:  # try every candidate password
    res = level_5_pw_check(x)
    if res != "That password is incorrect":
        print(res)

Here’s flag: picoCTF{h45h_sl1ng1ng_fffcda23} ٩(^ᴗ^)۶

PicoCTF - First Find

Challenge

Tags

picoGym Exclusive / General skills

Description

Unzip this archive and find the file named ‘uber-secret.txt’
Download zip file

Writeup

  1. wget https://artifacts.picoctf.net/c/550/files.zip
  2. unzip files.zip
  3. cd files
  4. Use the find command to locate the file
    find . -name uber-secret.txt   
    # ./adequate_books/more_books/.secret/deeper_secrets/deepest_secrets/uber-secret.txt
    
  5. Print the contents of the .txt file we found
    cat ./adequate_books/more_books/.secret/deeper_secrets/deepest_secrets/uber-secret.txt
    # picoCTF{f1nd_15_f457_ab443fd1} 
    
  6. Here’s the flag: picoCTF{f1nd_15_f457_ab443fd1} ٩(^ᴗ^)۶

PicoCTF - Big Zip

Challenge

Tags

picoGym Exclusive / General skills

Description

Unzip this archive and find the flag.

Writeup

  1. wget https://artifacts.picoctf.net/c/553/big-zip-files.zip
    # Now we have a zip file named big-zip-files.zip
  2. unzip big-zip-files.zip
  3. cd big-zip-files
  4. grep -r picoCTF *
  5. Here’s flag: picoCTF{gr3p_15_m4g1c_ef8790dc} ٩(^ᴗ^)۶

PicoCTF - PW Crack 4

Challenge

Tags

Beginner picoMini 2022 / General skill / password cracking / hashing

Description

Can you crack the password to get the flag? Download the password checker here and you’ll need the encrypted flag and the hash in the same directory too.
There are 100 potential passwords with only 1 being correct. You can find these by examining the password checker script.

Writeup

Original level4.py script:

import hashlib

### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
    #extend key to secret length
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)
    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################

flag_enc = open('level4.flag.txt.enc', 'rb').read()
correct_pw_hash = open('level4.hash.bin', 'rb').read()


def hash_pw(pw_str):
    pw_bytes = bytearray()
    pw_bytes.extend(pw_str.encode())
    m = hashlib.md5()
    m.update(pw_bytes)
    return m.digest()


def level_4_pw_check():
    user_pw = input("Please enter correct password for flag: ")
    user_pw_hash = hash_pw(user_pw)

    if( user_pw_hash == correct_pw_hash ):
        print("Welcome back... your flag, user:")
        decryption = str_xor(flag_enc.decode(), user_pw)
        print(decryption)
        return
    print("That password is incorrect")



level_4_pw_check()

# The strings below are 100 possibilities for the correct password. 
#   (Only 1 is correct)
pos_pw_list = ["6288", "6152", "4c7a", "b722", "9a6e", "6717", "4389", "1a28", "37ac", "de4f", "eb28", "351b", "3d58", "948b", "231b", "973a", "a087", "384a", "6d3c", "9065", "725c", "fd60", "4d4f", "6a60", "7213", "93e6", "8c54", "537d", "a1da", "c718", "9de8", "ebe3", "f1c5", "a0bf", "ccab", "4938", "8f97", "3327", "8029", "41f2", "a04f", "c7f9", "b453", "90a5", "25dc", "26b0", "cb42", "de89", "2451", "1dd3", "7f2c", "8919", "f3a9", "b88f", "eaa8", "776a", "6236", "98f5", "492b", "507d", "18e8", "cfb5", "76fd", "6017", "30de", "bbae", "354e", "4013", "3153", "e9cc", "cba9", "25ea", "c06c", "a166", "faf1", "2264", "2179", "cf30", "4b47", "3446", "b213", "88a3", "6253", "db88", "c38c", "a48c", "3e4f", "7208", "9dcb", "fc77", "e2cf", "8552", "f6f8", "7079", "42ef", "391e", "8a6d", "2154", "d964", "49ec"]

We can use a for loop to try every element of pos_pw_list as the password. Modify the level_4_pw_check() function as below:

def level_4_pw_check(pw):
    user_pw = pw
    user_pw_hash = hash_pw(user_pw)
    
    if( user_pw_hash == correct_pw_hash ):
        print("Welcome back... your flag, user:")
        decryption = str_xor(flag_enc.decode(), user_pw)
        print(decryption)
        return
    print("That password is incorrect")

Delete the line that calls level_4_pw_check() and paste the following code at the end.

for pw in pos_pw_list:
    level_4_pw_check(pw)

Here’s flag: picoCTF{fl45h_5pr1ng1ng_ae0fb77c} ٩(^ᴗ^)۶
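Why the loops in PW Crack 4 and PW Crack 5 finish almost instantly, seen from the side of whoever stores the hash: the following is an added example, not part of the challenge files or of this writeup's solution, that puts the challenge's unsalted MD5 scheme beside a salted PBKDF2 version. The names hash_pw_weak, hash_pw_hardened, verify_hardened and cost_per_guess, the iteration count and the sample password are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import time

PBKDF2_ITERATIONS = 600_000  # assumed work factor, not taken from the challenge


def hash_pw_weak(pw_str):
    """Same scheme as the challenge's hash_pw(): one unsalted MD5 pass."""
    return hashlib.md5(pw_str.encode()).digest()


def hash_pw_hardened(pw_str, salt=None):
    """Salted PBKDF2-HMAC-SHA256; returns (salt, derived_key)."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per stored password
    key = hashlib.pbkdf2_hmac("sha256", pw_str.encode(), salt, PBKDF2_ITERATIONS)
    return salt, key


def verify_hardened(pw_str, salt, expected_key):
    """Recompute with the stored salt and compare in constant time."""
    _, key = hash_pw_hardened(pw_str, salt)
    return hmac.compare_digest(key, expected_key)


def cost_per_guess(hash_fn, sample="0000", rounds=3):
    """Average wall-clock seconds for one call of hash_fn."""
    start = time.perf_counter()
    for _ in range(rounds):
        hash_fn(sample)
    return (time.perf_counter() - start) / rounds


if __name__ == "__main__":
    pw = "a1b2"  # constructed sample in the 4-hex-digit format of pos_pw_list
    # Unsalted: the same password always stores the same digest.
    print("MD5 digests equal:   ", hash_pw_weak(pw) == hash_pw_weak(pw))
    salt1, key1 = hash_pw_hardened(pw)
    salt2, key2 = hash_pw_hardened(pw)
    # Salted: two records for the same password do not match each other.
    print("PBKDF2 keys equal:   ", key1 == key2)
    print("PBKDF2 verifies:     ", verify_hardened(pw, salt1, key1))
    weak = cost_per_guess(hash_pw_weak)
    strong = cost_per_guess(hash_pw_hardened)
    space = 16 ** 4  # assumed keyspace: every 4-hex-digit password
    print(f"MD5 {weak:.1e} s/guess, whole keyspace {weak * space:.2f} s")
    print(f"PBKDF2 {strong:.1e} s/guess, whole keyspace {strong * space / 3600:.1f} h")
```

Even with the slower KDF, a keyspace this small remains exhaustible offline, so the password format has to change as well as the hash.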

PicoCTF - PW Crack 1

Challenge

Tags

Beginner picoMini 2022 / General skill / password cracking

Description

Can you crack the password to get the flag?
Download the password checker here and you’ll need the encrypted flag in the same directory too.

Writeup

  1. Download files
     wget https://artifacts.picoctf.net/c/53/level1.py
     wget https://artifacts.picoctf.net/c/53/level1.flag.txt.enc
    
  2. Check python code
     vim level1.py
    
  3. The part of the code surrounded by the red frame reveals that the password is 8713
  4. Run python level1.py, then enter 8713 as the password.
  5. Here’s flag: picoCTF{545h_r1ng1ng_1b2fd683} ٩(^ᴗ^)۶