Monday 24 March 2014

Backdoor CTF 2014 Misc-200-2

This was an awesome challenge and we solved it in a different way.It was fun solving this challenge.We knew that using python we can code this.But we were almost getting the flag when we realized that.

Question :
Username and password based login seemed a bit too monotonous. We developed an indigenous image based login system.

The login service is available here.

The image below can be used to login as the backdoor user. Unfortunately that doesn't serve any purpose.
Login as the sdslabs user for a change.


Submit the flag as: md5(flag_obtained)

Before we got in we loaded the image and saw how it would look like..

So our first approach was paint and look what we found..
So we tried figuring out logic for this coz when we took out the last dot we were getting " Logged in as backdoop"
After which my friend figured out the logic.
01100010 -b
01100001 -a
01100011 -c
01101011 -k
01100100 -d
01101111 -o
01101111 -o
01110010 -r

01110011 -s
01100100 -d
01110011 -s
01101100 -l
01100001 -a
01100010 -b
01110011 -s

Black dot was 1 and the space or blank is 0..This is how we figured it out.
We used colorfiller and filled out accordingly what sdslabs would look like and when put in paint and seen it would look like this.
"Logged in as sdslabs
Congrats the flag is practice_makes_one_perfect"

md5("practice_makes_one_perfect") => c16a3c8504985a8c91956c29f7338184

FLAG : c16a3c8504985a8c91956c29f7338184

No comments:

Post a Comment

enter valid comments.Suggestions are most welcome and would be interested in correcting my mistakes.