Description
Can you crack the password to get the flag?Download the password checker here and you’ll need the encrypted flag in the same directory too.
Hint 1
Does that encoding look familiar?
Hint 2
The
str_xorfunction does not need to be reverse engineered for this challenge.
Step 1
When looking at the password checker file we see the line if( user_pw == chr(0x35) + chr(0x39) + chr(0x30) + chr(0x39) ): . We can do the same thing we did in Glitch Cat and use the python interpreter to get find out what the correct value should be.
>>> chr(0x35) + chr(0x39) + chr(0x30) + chr(0x39)
'5909'we can now run the password checker and provide it the correct password.
Please enter correct password for flag: 5909
Welcome back... your flag, user:
picoCTF{tr******************96}Flag
Flag
picoCTF{tr45h_51ng1ng_b0539d96}