diff --git a/rev/vault_door_3/VaultDoor3.java b/rev/vault_door_3/VaultDoor3.java new file mode 100644 index 0000000..c71c890 --- /dev/null +++ b/rev/vault_door_3/VaultDoor3.java @@ -0,0 +1,44 @@ +import java.util.*; + +class VaultDoor3 { + public static void main(String args[]) { + VaultDoor3 vaultDoor = new VaultDoor3(); + Scanner scanner = new Scanner(System.in); + System.out.print("Enter vault password: "); + String userInput = scanner.next(); + String input = userInput.substring("picoCTF{".length(),userInput.length()-1); + if (vaultDoor.checkPassword(input)) { + System.out.println("Access granted."); + } else { + System.out.println("Access denied!"); + } + } + + // Our security monitoring team has noticed some intrusions on some of the + // less secure doors. Dr. Evil has asked me specifically to build a stronger + // vault door to protect his Doomsday plans. I just *know* this door will + // keep all of those nosy agents out of our business. Mwa ha! + // + // -Minion #2671 + public boolean checkPassword(String password) { + if (password.length() != 32) { + return false; + } + char[] buffer = new char[32]; + int i; + for (i=0; i<8; i++) { + buffer[i] = password.charAt(i); + } + for (; i<16; i++) { + buffer[i] = password.charAt(23-i); + } + for (; i<32; i+=2) { + buffer[i] = password.charAt(46-i); + } + for (i=31; i>=17; i-=2) { + buffer[i] = password.charAt(i); + } + String s = new String(buffer); + return s.equals("jU5t_a_sna_3lpm11g54e_u_4_m4r042"); + } +} diff --git a/rev/vault_door_3/solve.py b/rev/vault_door_3/solve.py new file mode 100755 index 0000000..22eee4f --- /dev/null +++ b/rev/vault_door_3/solve.py @@ -0,0 +1,63 @@ +#!/usr/bin/env python3 + +# public boolean checkPassword(String password) { +# if (password.length() != 32) { +# return false; +# } +# char[] buffer = new char[32]; +# int i; +# for (i=0; i<8; i++) { +# buffer[i] = password.charAt(i); +# } +# for (; i<16; i++) { +# buffer[i] = password.charAt(23-i); +# } +# for (; i<32; i+=2) { +# buffer[i] = password.charAt(46-i); +# } +# for (i=31; i>=17; i-=2) { +# buffer[i] = password.charAt(i); +# } +# String s = new String(buffer); +# return s.equals("jU5t_a_sna_3lpm11g54e_u_4_m4r042"); +# } + +def encode(xs: list): + assert len(xs) == 32 + result = [None] * 32 + + for i in range(0, 8): + result[i] = xs[i] + + for i in range(8, 16): + result[i] = xs[23 - i] + + for i in range(16, 32, 2): + result[i] = xs[46 - i] + + for i in range(31, 16, -2): + result[i] = xs[i] + + return result + +def decode(xs: list): + assert len(xs) == 32 + indices = list(range(len(xs))) + shuffled = encode(indices) + + ordered = [None] * len(xs) + for i, idx in enumerate(shuffled): + ordered[idx] = xs[i] + + return ordered + + +assert encode(decode( list(range(32)) )) == list(range(32)) + +def main(): + output = "jU5t_a_sna_3lpm11g54e_u_4_m4r042" + print("picoCTF{" + ''.join(decode(list(output))) + "}") + +if __name__ == '__main__': + main() +