Drunk Christmas
Flag: HACKDAY{Simple_Secrets_For_Weak_Cipher_1134567892}
Challenge
Description
Last year people were angry at my chall for needing the use of open-source tools such as bkcrack. This year's chall still has zips, but they have NO passwords. HA ! You still need to decrypt the flag, tho. glhf
challenges.hackday.fr:53073
Ce challenge tourne sur un docker et n'est pas disponible
Solution
On sait que le flag commence par HACKDA, en envoyant un fichier commençant par la même chose, on peut voir que le résultat (notre fichier chiffré) commence de la même façon que le flag chiffré.
On en déduit que pour un même caractère à la même position, on obtient la même chose. Il faut donc tester tous les caractères à toutes les positions et comparer avec le flag chiffré pour en déduire le flag.
En python ça donne :
import requests
from io import BytesIO
from bs4 import BeautifulSoup
import zipfile
import string
url = 'http://challenges.hackday.fr:53073'
charset = string.ascii_letters + string.digits + string.punctuation
flag_size = 50
def attempt(c: str):
response = requests.post(f'{url}/secure_sharing', files={'file': BytesIO(c.encode() * flag_size)})
link = BeautifulSoup(response.content, 'html.parser').find('a')['href']
z = zipfile.ZipFile(BytesIO(requests.get(f'{url}{link}').content), 'r')
return z.read('file.enc'), z.read('flag.txt.enc')
flag = ['_'] * flag_size
for c in charset:
enc, flag_enc = attempt(c)
print(c, end=' ')
for i in range(len(flag_enc)):
if enc[i] == flag_enc[i]:
flag[i] = c
print(''.join(flag))a _____________________________a____________________
b _____________________________a____________________
c _________________c___________a____________________
d _________________c___________a____________________
e _____________e__ec_e________ea______e_____________
f _____________e__ec_e________ea______e_____________
g _____________e__ec_e________ea______e_____________
h _____________e__ec_e________ea_____he_____________
i _________i___e__ec_e________ea___i_he_____________
j _________i___e__ec_e________ea___i_he_____________
k _________i___e__ec_e________eak__i_he_____________
l _________i__le__ec_e________eak__i_he_____________
m _________im_le__ec_e________eak__i_he_____________
n _________im_le__ec_e________eak__i_he_____________
o _________im_le__ec_e____o___eak__i_he_____________
p _________imple__ec_e____o___eak__iphe_____________
q _________imple__ec_e____o___eak__iphe_____________
r _________imple__ecre____or__eak__ipher____________
s _________imple__ecre_s__or__eak__ipher____________
t _________imple__ecrets__or__eak__ipher____________
u _________imple__ecrets__or__eak__ipher____________
v _________imple__ecrets__or__eak__ipher____________
w _________imple__ecrets__or__eak__ipher____________
x _________imple__ecrets__or__eak__ipher____________
y _________imple__ecrets__or__eak__ipher____________
z _________imple__ecrets__or__eak__ipher____________
A _A___A___imple__ecrets__or__eak__ipher____________
B _A___A___imple__ecrets__or__eak__ipher____________
C _AC__A___imple__ecrets__or__eak_Cipher____________
D _AC_DA___imple__ecrets__or__eak_Cipher____________
E _AC_DA___imple__ecrets__or__eak_Cipher____________
F _AC_DA___imple__ecrets_For__eak_Cipher____________
G _AC_DA___imple__ecrets_For__eak_Cipher____________
H HAC_DA___imple__ecrets_For__eak_Cipher____________
I HAC_DA___imple__ecrets_For__eak_Cipher____________
J HAC_DA___imple__ecrets_For__eak_Cipher____________
K HACKDA___imple__ecrets_For__eak_Cipher____________
L HACKDA___imple__ecrets_For__eak_Cipher____________
M HACKDA___imple__ecrets_For__eak_Cipher____________
N HACKDA___imple__ecrets_For__eak_Cipher____________
O HACKDA___imple__ecrets_For__eak_Cipher____________
P HACKDA___imple__ecrets_For__eak_Cipher____________
Q HACKDA___imple__ecrets_For__eak_Cipher____________
R HACKDA___imple__ecrets_For__eak_Cipher____________
S HACKDA__Simple_Secrets_For__eak_Cipher____________
T HACKDA__Simple_Secrets_For__eak_Cipher____________
U HACKDA__Simple_Secrets_For__eak_Cipher____________
V HACKDA__Simple_Secrets_For__eak_Cipher____________
W HACKDA__Simple_Secrets_For_Weak_Cipher____________
X HACKDA__Simple_Secrets_For_Weak_Cipher____________
Y HACKDAY_Simple_Secrets_For_Weak_Cipher____________
Z HACKDAY_Simple_Secrets_For_Weak_Cipher____________
0 HACKDAY_Simple_Secrets_For_Weak_Cipher____________
1 HACKDAY_Simple_Secrets_For_Weak_Cipher_11_________
2 HACKDAY_Simple_Secrets_For_Weak_Cipher_11_______2_
3 HACKDAY_Simple_Secrets_For_Weak_Cipher_113______2_
4 HACKDAY_Simple_Secrets_For_Weak_Cipher_1134_____2_
5 HACKDAY_Simple_Secrets_For_Weak_Cipher_11345____2_
6 HACKDAY_Simple_Secrets_For_Weak_Cipher_113456___2_
7 HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567__2_
8 HACKDAY_Simple_Secrets_For_Weak_Cipher_11345678_2_
9 HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
! HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
" HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
# HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
$ HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
% HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
& HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
' HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
( HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
) HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
* HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
+ HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
, HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
- HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
. HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
/ HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
: HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
; HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
< HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
= HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
> HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
? HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
@ HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
[ HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
\ HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
] HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
^ HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
_ HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
` HACKDAY_Simple_Secrets_For_Weak_Cipher_1134567892_
{ HACKDAY{Simple_Secrets_For_Weak_Cipher_1134567892_
| HACKDAY{Simple_Secrets_For_Weak_Cipher_1134567892_
} HACKDAY{Simple_Secrets_For_Weak_Cipher_1134567892}
~ HACKDAY{Simple_Secrets_For_Weak_Cipher_1134567892}Dernière mise à jour
Cet article vous a-t-il été utile ?