SnowCrash Mission: Flag09

Objective: Retrieve the Level10 token to advance further in the SnowCrash challenge.

Home folder of user level09 contains two files level09 binary and token writen in it 'f4kmm6p|=�p�n��DB�Du{��'

The binary takes an argument and writes back a string with the same length as the argument

It is a substitution cipher

[ e(x) = x + index_of(x) ]

[ d(y) = y - index_of(y) ]

The code in decrypt.c below decrypts cipher and gives the password for flag09 user

#include <stdio.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
 
int	open_file(char *filename)
{
	int fd = open(filename, O_RDONLY);
	
	if (fd < 0)
		return -1;
	
	return fd;
}
 
int	decrypt(int c, int itr)
{
	return c - itr;
}
 
void	read_file(int fd)
{	
	unsigned char buff = 0;
	char string[1024];
	int itr = 0;
 
	while (read(fd, &buff, 1) > 0)
	{ 
		string[itr] = decrypt(buff, itr);
		itr++;
	}
	string[itr-1] = '\0';
	printf("%s\n", string);
	return ;
}
 
 
int	main(int ac, char **av)
{
	int fd;
 
	if (ac != 2){
		printf("Enter one argument");
		return 1;
	}
	fd = open_file(av[1]);
 
	read_file(fd);
	
	close(fd);
	return 0;
}

*[main][~/snowcrash/level09/Ressources]$ gcc decrypt.c -o decrypt
*[main][~/snowcrash/level09/Ressources]$ ./decrypt token|cat -e  
f3iji1ju5yuevaus41q1afiuq$
*[main][~/snowcrash/level09/Ressources]$

Now we login to user flag09 and getflag it.

level09@SnowCrash:~$ su flag09
Password:
Don't forget to launch getflag !
flag09@SnowCrash:~$ getflag
Check flag.Here is your token : s5cAJpM8ev6XHw998pRWG728z

Writeup Writeup