misc/pw_crack_3

2024-09-03 17:18:53 +02:00 · 2024-09-03 17:18:53 +02:00 · b25861ff32
parent 3c4cc86337
commit b25861ff32
4 changed files with 59 additions and 0 deletions
--- a/misc/pw_crack_3/level3.flag.txt.enc
+++ b/misc/pw_crack_3/level3.flag.txt.enc
@ -0,0 +1,2 @@
 B[ZZqfN_]mTU\U[UmS
 XTD
--- a/misc/pw_crack_3/level3.hash.bin
+++ b/misc/pw_crack_3/level3.hash.bin
@ -0,0 +1 @@
 m`<60><>TA45<34><03><>&
--- a/misc/pw_crack_3/level3.py
+++ b/misc/pw_crack_3/level3.py
@ -0,0 +1,47 @@
 #!/usr/bin/env python3
 import hashlib
 ### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
 def str_xor(secret, key):
    #extend key to secret length
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)
    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
 ###############################################################################
 flag_enc = open('level3.flag.txt.enc', 'rb').read()
 correct_pw_hash = open('level3.hash.bin', 'rb').read()
 def hash_pw(pw_str):
    pw_bytes = bytearray()
    pw_bytes.extend(pw_str.encode())
    m = hashlib.md5()
    m.update(pw_bytes)
    return m.digest()
 def level_3_pw_check():
    user_pw = input("Please enter correct password for flag: ")
    user_pw_hash = hash_pw(user_pw)
    if( user_pw_hash == correct_pw_hash ):
        print("Welcome back... your flag, user:")
        decryption = str_xor(flag_enc.decode(), user_pw)
        print(decryption)
        return
    print("That password is incorrect")
 level_3_pw_check()
 # The strings below are 7 possibilities for the correct password. 
 #   (Only 1 is correct)
 pos_pw_list = ["8799", "d3ab", "1ea2", "acaf", "2295", "a9de", "6f3d"]
--- a/misc/pw_crack_3/output.txt
+++ b/misc/pw_crack_3/output.txt
@ -0,0 +1,9 @@
 $ for pw in 8799 d3ab 1ea2 acaf 2295 a9de 6f3d; do ./level3.py <<<"$pw"; done
 Please enter correct password for flag: That password is incorrect
 Please enter correct password for flag: That password is incorrect
 Please enter correct password for flag: That password is incorrect
 Please enter correct password for flag: That password is incorrect
 Please enter correct password for flag: Welcome back... your flag, user:
 picoCTF{m45h_fl1ng1ng_6f98a49f}
 Please enter correct password for flag: That password is incorrect
 Please enter correct password for flag: That password is incorrect