From f97767611b8c056822b0c57189dc0663a2c5ae39 Mon Sep 17 00:00:00 2001 From: Paul Kalauner Date: Mon, 28 Oct 2019 00:21:29 +0100 Subject: [PATCH] Update toaster/seccon19 writeup --- writeups/toaster/seccon19.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/writeups/toaster/seccon19.md b/writeups/toaster/seccon19.md index db43773..71ad579 100644 --- a/writeups/toaster/seccon19.md +++ b/writeups/toaster/seccon19.md @@ -2,6 +2,8 @@ Unfortunately I didn't have much time on this weekend so I couldn't play many challenges. Also, I was playing on saturday evening, so both of the challenges I solved where already solved by team mates. I was looking for some (more more less) short and easy challenges and I found two which I will describe in this writeup. I also tried some others (`Option-Cmd-U` and `Beeeeeeeeeer`) but not long enough to be mentioned in this writeup. +All in all I had fun solving the smaller challenges and was happy that there were some easier challenges too. It was very satisfying getting those flags, allthough it wasn't that hard. I also found out some new tricks how to bypass filters against SQL injection. + #### coffee_break I am usually not into crypto challenges (Still have bad memories about that mitm-crypto challenge of the InetSec course. Just kidding, was a nice challenge @cluosh), however this challenge had many solves in comparison to the others, so I tried my luck. Turned out that this was quite an easy challenge, as you had the source code of an encryption script, where you could simply do the steps the other way round: @@ -28,6 +30,7 @@ dec2 = cipher.decrypt(dec1 + chr(p) * p) print decrypt(key1, dec2) ``` +Executed with `python decrypt.py FyRyZNBO2MG6ncd3hEkC/yeYKUseI/CxYoZiIeV2fe/Jmtwx+WbWmU1gtMX9m905` this script gives us the correct flag. (`FyRyZN...` is the encrypted flag given in the challenge description.) My script only works with python 2 and adds gibberish at the end of the output, but the flag was correct so I didn't correct it. Flag: `SECCON{Success_Decryption_Yeah_Yeah_SECCON}` -- 2.43.0