picoCTF 2022 | Safe Opener Write-up

Challenge description

Can you open this safe? I forgot the key to my safe but this program is supposed to help me with retrieving the lost key. Can you help me unlock my safe? Put the password you recover into the picoCTF flag format like: picoCTF{password}

Category: Reverse Engineering

Solution

The challenge provided us with a program. Let’s take a look at its source code:

The first thing to catch my eyes

After we input a password, it will be encoded in some way. Using my text editor, VS Code, I can hover over encodeToString to see what it does.

A very helpful feature

It seems that it takes the string and encodes it as Base64. Right below this is the code that checks our password:

So unless our Base64-encoded password matches the encodedkey variable, we cannot get the flag. Luckily, Base64 is a reversible encoding, so we can just decode encodedkey into plaintext using tools like CyberChef.

Give the program this password and receive the flag!
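
The weakness behind this solution, as an added example that is not the challenge's code: a Python model of the check described above next to a hardened form that stores a salted PBKDF2 digest instead of a reversible encoding. The sample password and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os

# Constructed sample secret; NOT the challenge's real password or key.
SAMPLE_PASSWORD = "constructed-sample-pw"


def encode_key(password):
    """What the flawed design embeds in the program: Base64 of the password."""
    return base64.b64encode(password.encode()).decode()


def flawed_check(candidate, encoded_key):
    """Model of the check described above: encode the input, compare strings."""
    return encode_key(candidate) == encoded_key


def recover_password(encoded_key):
    """Base64 has no key and no one-way step, so the embedded value decodes directly."""
    return base64.b64decode(encoded_key).decode()


def make_verifier(password, iterations=200_000):
    """Hardened form: keep only a random salt and a PBKDF2-HMAC-SHA256 digest."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest, iterations


def hardened_check(candidate, verifier):
    """Re-derive the digest from the candidate and compare in constant time."""
    salt, digest, iterations = verifier
    attempt = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, iterations)
    return hmac.compare_digest(attempt, digest)


if __name__ == "__main__":
    embedded = encode_key(SAMPLE_PASSWORD)
    print("embedded value:", embedded)
    print("decoded back  :", recover_password(embedded))
    verifier = make_verifier(SAMPLE_PASSWORD)
    # The digest cannot be decoded; a weak password can still be guessed
    # offline, which is why a slow KDF and a strong password both matter.
    print("stored digest :", verifier[1].hex())
    print("correct input :", hardened_check(SAMPLE_PASSWORD, verifier))
```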
