SnowCrash Mission: Flag09
Objective: Retrieve the Level10 token to advance further in the SnowCrash challenge.
Home folder of user level09 contains two files level09 binary and
token writen in it 'f4kmm6p|=�p�n��DB�Du{��'
The binary takes an argument and writes back a string with the same length as the argument
It is a substitution cipher
[ e(x) = x + index_of(x) ]
[ d(y) = y - index_of(y) ]
The code in decrypt.c below decrypts cipher and gives the password for flag09 user
#include <stdio.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
int open_file(char *filename)
{
int fd = open(filename, O_RDONLY);
if (fd < 0)
return -1;
return fd;
}
int decrypt(int c, int itr)
{
return c - itr;
}
void read_file(int fd)
{
unsigned char buff = 0;
char string[1024];
int itr = 0;
while (read(fd, &buff, 1) > 0)
{
string[itr] = decrypt(buff, itr);
itr++;
}
string[itr-1] = '\0';
printf("%s\n", string);
return ;
}
int main(int ac, char **av)
{
int fd;
if (ac != 2){
printf("Enter one argument");
return 1;
}
fd = open_file(av[1]);
read_file(fd);
close(fd);
return 0;
}
*[main][~/snowcrash/level09/Ressources]$ gcc decrypt.c -o decrypt
*[main][~/snowcrash/level09/Ressources]$ ./decrypt token|cat -e
f3iji1ju5yuevaus41q1afiuq$
*[main][~/snowcrash/level09/Ressources]$
Now we login to user flag09 and getflag it.
level09@SnowCrash:~$ su flag09
Password:
Don't forget to launch getflag !
flag09@SnowCrash:~$ getflag
Check flag.Here is your token : s5cAJpM8ev6XHw998pRWG728z