First, dowload both the files in store them in the same directory. (level1.py and level1.flag.txt.enc).
Open up the level1.py using your favorite editor or with the following command from the terminal.
nano level1.py
### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################
flag_enc = open('level1.flag.txt.enc', 'rb').read()
def level_1_pw_check():
user_pw = input("Please enter correct password for flag: ")
if( user_pw == "1e1a"):
print("Welcome back... your flag, user:")
decryption = str_xor(flag_enc.decode(), user_pw)
print(decryption)
return
print("That password is incorrect")
level_1_pw_check()
If you look at the function level_1_pw_check, the password is hidden into plain sight, inside the if statement.
if( user_pw == "1e1a"):
Finally, run the python script and enter the above password using the following command.
python3 level1.py
Congrats, you’ve got the flag!
Subscribe to our email newsletter and unlock access to members-only content and exclusive updates.
Comments