+1 (512) 588 6950

Safe Opener — Reverse Engineering | PicoCTF

Home/Safe Opener — Reverse Engine...
Safe Opener — Reverse Engineering | PicoCTF

Program code of SafeOpener: java

import java.util.*;  
public class SafeOpener {
public static void main(String args[]) throws IOException {
BufferedReader keyboard = new BufferedReader(new InputStreamReader(;
Base64.Encoder encoder = Base64.getEncoder();
String encodedkey = "";
String key = "";
int i = 0;
boolean isOpen;

while (i < 3) {
System.out.print(“Enter password for the safe: “);
key = keyboard.readLine();

encodedkey = encoder.encodeToString(key.getBytes());

isOpen = openSafe(encodedkey);
if (!isOpen) {
System.out.println(“You have ” + (2 – i) + ” attempt(s) left”);

public static boolean openSafe(String password) {
String encodedkey = “cGwzYXMzX2wzdF9tM18xbnQwX3RoM19zYWYz”;

if (password.equals(encodedkey)) {
System.out.println(“Sesame open”);
return true;
else {
System.out.println(“Password is incorrect\n”);
return false;


The output of

Compile the java Program and Execute it via the Following Commands
Make sure to give the Path of javac File like I given in the screenshot

java SafeOpenerChecks whether the 
  1. The Program has a Condition Statement while which will Execute the loop 3 Times
  2. Each time the string we enter is Converted to base64 and passed to a Method called openSafe
  3. The method Checks whether the given base64 code matches to a encodedkey — Which is the Flag in decoded Format
  4. If the given Encoded string equals the encodedkey then it will print “sesame open”


Simply Decoding the Encodedkey in base64 will give you the Flag
Use the command line or any other Online Decoders to decode

echo "cGwzYXMzX2wzdF9tM18xbnQwX3RoM19zYWYz" | base64 -d
Ans: picoCTF{pl3as3_l3t_m3_1nt0_th3_saf3}

Thank you for Reading!!

picoctf , ctf , reverse engineering , write up , beginner challenge , karthikeyan nagaraj , cyberw1ng

Leave a Reply