oysteikt/picoctf
oysteikt
/
picoctf
0
0
Fork 0
Code Issues Pull Requests Activity

misc/pw_crack_3

This commit is contained in:
Oystein Kristoffer Tveit 2024-09-03 17:18:53 +02:00
parent 3c4cc86337
commit b25861ff32
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
4 changed files with 59 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
misc/pw_crack_3/level3.flag.txt.enc Normal file
View File

@ -0,0 +1,2 @@
B[ZZqfN_ ]mTU\U[UmS
X TD

1
misc/pw_crack_3/level3.hash.bin Normal file
View File

@ -0,0 +1 @@
m`<60><>TA 45<34><03><>&

47
misc/pw_crack_3/level3.py Executable file
View File

@ -0,0 +1,47 @@
#!/usr/bin/env python3
import hashlib
### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################
flag_enc = open('level3.flag.txt.enc', 'rb').read()
correct_pw_hash = open('level3.hash.bin', 'rb').read()
def hash_pw(pw_str):
pw_bytes = bytearray()
pw_bytes.extend(pw_str.encode())
m = hashlib.md5()
m.update(pw_bytes)
return m.digest()
def level_3_pw_check():
user_pw = input("Please enter correct password for flag: ")
user_pw_hash = hash_pw(user_pw)
if( user_pw_hash == correct_pw_hash ):
print("Welcome back... your flag, user:")
decryption = str_xor(flag_enc.decode(), user_pw)
print(decryption)
return
print("That password is incorrect")
level_3_pw_check()
# The strings below are 7 possibilities for the correct password.
# (Only 1 is correct)
pos_pw_list = ["8799", "d3ab", "1ea2", "acaf", "2295", "a9de", "6f3d"]

9
misc/pw_crack_3/output.txt Normal file
View File

@ -0,0 +1,9 @@
$ for pw in 8799 d3ab 1ea2 acaf 2295 a9de 6f3d; do ./level3.py <<<"$pw"; done
Please enter correct password for flag: That password is incorrect
Please enter correct password for flag: That password is incorrect
Please enter correct password for flag: That password is incorrect
Please enter correct password for flag: That password is incorrect
Please enter correct password for flag: Welcome back... your flag, user:
picoCTF{m45h_fl1ng1ng_6f98a49f}
Please enter correct password for flag: That password is incorrect
Please enter correct password for flag: That password is incorrect