Wednesday, 18 October 2017

CTF Writeup - Flare-On 2017 - 01: login.html

  • Name - login.html
  • Category - Reverse Engineering
  • Points - 1
  • Binary - Download here

This year's Flare-On challenge started with a very simple RE(?) challenge, an HTML page which asks for a key.

If we look at the HTML code it becomes apparent that it uses client-side authentication:
    <!DOCTYPE Html />
            <title>FLARE On 2017</title>

The javascript takes our input, operates on it and compares it with the string PyvragFvqrYbtvafNerRnfl@syner-ba.pbz. The algorithm is easy enough to recognize: ROT13. At this point we could either use online solutions such as or a simple python script such as the one below:

import codecs

print codecs.getencoder("rot-13")("PyvragFvqrYbtvafNerRnfl@syner-ba.pbz")[0]

The key is:

No comments:

Post a comment