help@cyb4rgeek.xyz

+1 (512) 588 6950

Safe Opener — Reverse Engineering | PicoCTF

Home/Safe Opener — Reverse Engine...
Safe Opener — Reverse Engineering | PicoCTF

Program code of SafeOpener: java

import java.io.*;
import java.util.*;  
public class SafeOpener {
public static void main(String args[]) throws IOException {
BufferedReader keyboard = new BufferedReader(new InputStreamReader(System.in));
Base64.Encoder encoder = Base64.getEncoder();
String encodedkey = "";
String key = "";
int i = 0;
boolean isOpen;

while (i < 3) {
System.out.print(“Enter password for the safe: “);
key = keyboard.readLine();

encodedkey = encoder.encodeToString(key.getBytes());
System.out.println(encodedkey);

isOpen = openSafe(encodedkey);
if (!isOpen) {
System.out.println(“You have ” + (2 – i) + ” attempt(s) left”);
i++;
continue;
}
break;
}
}

public static boolean openSafe(String password) {
String encodedkey = “cGwzYXMzX2wzdF9tM18xbnQwX3RoM19zYWYz”;

if (password.equals(encodedkey)) {
System.out.println(“Sesame open”);
return true;
}
else {
System.out.println(“Password is incorrect\n”);
return false;
}
}
}

 

The output of SafeOpener.java:

Compile the java Program and Execute it via the Following Commands
Make sure to give the Path of javac File like I given in the screenshot

javac SafeOpener.java
java SafeOpenerChecks whether the 
  1. The Program has a Condition Statement while which will Execute the loop 3 Times
  2. Each time the string we enter is Converted to base64 and passed to a Method called openSafe
  3. The method Checks whether the given base64 code matches to a encodedkey — Which is the Flag in decoded Format
  4. If the given Encoded string equals the encodedkey then it will print “sesame open”

Solution:

Simply Decoding the Encodedkey in base64 will give you the Flag
Use the command line or any other Online Decoders to decode

echo "cGwzYXMzX2wzdF9tM18xbnQwX3RoM19zYWYz" | base64 -d
Ans: picoCTF{pl3as3_l3t_m3_1nt0_th3_saf3}

Thank you for Reading!!


picoctf , ctf , reverse engineering , write up , beginner challenge , karthikeyan nagaraj , cyberw1ng

Leave a Reply