picoCTF Reverse Engineering Guide

here's how to solve vault-door-4

Back to the Reverse Engineering Guides

vault-door-4

Name: vault-door-4
Description: This vault uses ASCII encoding for the password. The source code for this vault is here: VaultDoor4.java
Author: Mark E. Haase
Tags: Medium, Reverse Engineering, picoCTF 2019
Challenge from: picoCTF 2019
Files: VaultDoor4.java
Hints:
1. Use a search engine to find an "ASCII table".
2. You will also need to know the difference between octal, decimal, and hexadecimal numbers.

Theory

According to the description, this is gonna be a series of challenges of "doors", that are like codes we have to change or something to get the flag of each door, and that kinda stuff. So for this fourth one, it's gonna be about some ASCII stuff, maybe encodings of these? Idk, alright, let's go download the code and see what's inside.

Solution

So, let's open the code we just downloaded and see what's going on in this door (also now I'm just gonna put the only part of the code that matters):

public boolean checkPassword(String password) {
    byte[] passBytes = password.getBytes();
    byte[] myBytes = {
        106 , 85  , 53  , 116 , 95  , 52  , 95  , 98  ,
        0x55, 0x6e, 0x43, 0x68, 0x5f, 0x30, 0x66, 0x5f,
        0142, 0131, 0164, 063 , 0163, 0137, 070 , 0146,
        '4' , 'a' , '6' , 'c' , 'b' , 'f' , '3' , 'b' ,
    };
    for (int i=0; i<32; i++) {
        if (passBytes[i] != myBytes[i]) {
            return false;
        }
    }
    return true;
}

Yeah, this one seems easy. There are four types of encoding in there it seems. The first line is just decimal, because it's just the numbers by themselves, so for this first one we can use a decimal to text converter:

DECIMAL TO TEXT (online converter)

INPUT: 106 , 85  , 53  , 116 , 95  , 52  , 95  , 98

OUTPUT: jU5t_4_b

Now the second line, has 0x at the beginning of each character, so that means it's hex:

HEXADECIMAL TO TEXT (online converter)

INPUT: 0x55, 0x6e, 0x43, 0x68, 0x5f, 0x30, 0x66, 0x5f

OUTPUT: UnCh_0f_

For this one, it's pretty simple, large numbers with an unecessary zero in the start of each, obviously octal:

OCTAL TO TEXT (online converter)

INPUT: 0142, 0131, 0164, 063 , 0163, 0137, 070 , 0146

OUTPUT: bYt3s_8f

And now the last one, I was actually wrong, this one's not encoded, so we'll just add them to the other three parts and add the flag format:

['4', 'a', '6', 'c', 'b', 'f', '3', 'b'] => "4a6cbf3b"
picoCTF{jU5t_4_bUnCh_0f_bYt3s_8f4a6cbf3b}

There we go! That's the flag.

I rated this level as "good"! :3

https://play.picoctf.org/practice/challenge/71

Explore My Website