misc/pw_crack_5

2024-09-03 17:38:12 +02:00 · 2024-09-03 17:38:12 +02:00 · 3fbaaa21b4
parent a2cc26d577
commit 3fbaaa21b4
6 changed files with 65605 additions and 0 deletions
--- a/misc/pw_crack_5/dictionary.txt
+++ b/misc/pw_crack_5/dictionary.txt
--- a/misc/pw_crack_5/level5.flag.txt.enc
+++ b/misc/pw_crack_5/level5.flag.txt.enc
@ -0,0 +1 @@
+_&1#K
QPX:	T^:VQWV
--- a/misc/pw_crack_5/level5.hash.bin
+++ b/misc/pw_crack_5/level5.hash.bin
@ -0,0 +1 @@
+B8sYч╘╨и╤╖≤$";
--- a/misc/pw_crack_5/level5.py
+++ b/misc/pw_crack_5/level5.py
@ -0,0 +1,42 @@
+#!/usr/bin/env python3
+
+import hashlib
+
+### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
+def str_xor(secret, key):
+    #extend key to secret length
+    new_key = key
+    i = 0
+    while len(new_key) < len(secret):
+        new_key = new_key + key[i]
+        i = (i + 1) % len(key)
+    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
+###############################################################################
+
+flag_enc = open('level5.flag.txt.enc', 'rb').read()
+correct_pw_hash = open('level5.hash.bin', 'rb').read()
+
+
+def hash_pw(pw_str):
+    pw_bytes = bytearray()
+    pw_bytes.extend(pw_str.encode())
+    m = hashlib.md5()
+    m.update(pw_bytes)
+    return m.digest()
+
+
+def level_5_pw_check():
+    user_pw = input("Please enter correct password for flag: ")
+    user_pw_hash = hash_pw(user_pw)
+
+    if( user_pw_hash == correct_pw_hash ):
+        print("Welcome back... your flag, user:")
+        decryption = str_xor(flag_enc.decode(), user_pw)
+        print(decryption)
+        return
+    print("That password is incorrect")
+
+
+
+level_5_pw_check()
+
--- a/misc/pw_crack_5/output.txt
+++ b/misc/pw_crack_5/output.txt
@ -0,0 +1,19 @@
+...
+eed0
+eed1
+eed2
+eed3
+eed4
+eed5
+eed6
+eed7
+eed8
+eed9
+eeda
+eedb
+eedc
+eedd
+eede
+eedf
+eee0
+picoCTF{h45h_sl1ng1ng_fffcda23}
--- a/misc/pw_crack_5/solve.sh
+++ b/misc/pw_crack_5/solve.sh
@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+for pw in $(cat ./dictionary.txt); do
+	echo "$pw"
+	./level5.py <<<"$pw" | grep -o 'picoCTF{.*}' && exit 0
+done