diff --git a/rev/vault_door_5/VaultDoor5.java b/rev/vault_door_5/VaultDoor5.java new file mode 100644 index 0000000..3359009 --- /dev/null +++ b/rev/vault_door_5/VaultDoor5.java @@ -0,0 +1,49 @@ +import java.net.URLDecoder; +import java.util.*; + +class VaultDoor5 { + public static void main(String args[]) { + VaultDoor5 vaultDoor = new VaultDoor5(); + Scanner scanner = new Scanner(System.in); + System.out.print("Enter vault password: "); + String userInput = scanner.next(); + String input = userInput.substring("picoCTF{".length(),userInput.length()-1); + if (vaultDoor.checkPassword(input)) { + System.out.println("Access granted."); + } else { + System.out.println("Access denied!"); + } + } + + // Minion #7781 used base 8 and base 16, but this is base 64, which is + // like... eight times stronger, right? Riiigghtt? Well that's what my twin + // brother Minion #2415 says, anyway. + // + // -Minion #2414 + public String base64Encode(byte[] input) { + return Base64.getEncoder().encodeToString(input); + } + + // URL encoding is meant for web pages, so any double agent spies who steal + // our source code will think this is a web site or something, defintely not + // vault door! Oh wait, should I have not said that in a source code + // comment? + // + // -Minion #2415 + public String urlEncode(byte[] input) { + StringBuffer buf = new StringBuffer(); + for (int i=0; i str: + return ''.join(chr(int(x, 16)) for x in input.split('%')[1:]) + +def main(): + expected = ( + "JTYzJTMwJTZlJTc2JTMzJTcyJTc0JTMxJTZlJTY3JTVm" + "JTY2JTcyJTMwJTZkJTVmJTYyJTYxJTM1JTY1JTVmJTM2" + "JTM0JTVmJTY0JTMxJTM5JTM0JTM4JTY0JTM0JTY1" + ) + + url_encoded = base64.b64decode(expected).decode() + + result = url_decode(url_encoded) + + print(f"picoCTF{{{result}}}") + +if __name__ == '__main__': + main() +