I'm trying to teach my son to be ethical about hacking, meaning that he should obey the laws and have permission before doing any kind of pen-testing. I think that these ctfs are a good way to have fun, and learn, while being honest and ethical at the same time.
I looked at the sample problems under the "About" part of the menu and solved them for fun. I showed my son the solutions. (If he tries this ctf, I will not help him beyond giving him search parameters for Google.)
The first sample was an easy substitution cipher. I've seen plenty of these, so I recognized it immediately. I think that pretty much anyone over the age of 5 can see these for what they are.
The second sample problem was a reversing problem.
x = raw_input("enter the password: ");
y = "";
for c in x:
y += chr(ord(c) ^ 14);
if y == "ko}wmzhugQocQoQhbois":
print "congratz the flag is " + y;
else:
print "nope";
They were asking for the flag. If I read the program properly, the flag is the contents of the variable x. In the program it says, print "congratz the flag is" and the variable y. The contents of variable y was ko}wmzhugQocQoQhbois. You get that by Bitwise XORing each character of x with the decimal number 14. I was curious about what password one would have to enter to get that flag placed into variable y, so I wrote a small python program to see.
No comments:
Post a Comment