Skip to content

Latest commit

 

History

History
41 lines (29 loc) · 1.26 KB

README.md

File metadata and controls

41 lines (29 loc) · 1.26 KB

Day 11. Santa's lost password

Last Christmas elves, used this website to encrypt the password for Santa. They encrypted the password and saved it on the website but forgot to implement a function for decoding the password. Can you help them retrieve the password? The only thing they remember about the password is that it contains the name of one of Santa's reindeer.

Website can be found on this url: https://naughty.owasp.si/deployed/christmas-decode/

IMPORTANT: The flag for this challenge is not in the standard competition format.

Solution

Here is the copy of the website, just in case. The website is just a static website and contains this info:

Flag to decode

-49, -4, 7, -10, -16, -8, -4, 3, -41, -14, -7, -14, -5, -16, -14, -8, -49, -7, -10, 1, 7, -14, -5

along with encode() function. To get the flag, we should implement decode() function.

Here is one way to do that. We don't know what the random key used to encode was. So, we just print out all possible inputs for a given ciphertext. Look carefully for a flag:

$ ./solution.py | strings
-8'!)-4
#*#,!#)
*'28#,
...
AnyhbjnuIdkdmbdjAkhsydm
BozickovJelencekBlitzen
Cp{jdlpwKfmfodflCmju{fo
...
uw}T~{
vx~U

The flag is

ctf{BozickovJelencekBlitzen}