keygenme-py [picoCTF]

PicoCTFs
def check_key(key, username_trial):global key_full_template_trialif len(key) != len(key_full_template_trial):    return False
else:
# Check static base key part --vi = 0for c in key_part_static1_trial:if key[i] != c: return False
i += 1
# TODO : test performance on toolbox container# Check dynamic part --vif key[i] != hashlib.sha256(username_trial).hexdigest()[4]: return Falseelse: i += 1if key[i] != hashlib.sha256(username_trial).hexdigest()[5]: return Falseelse: i += 1if key[i] != hashlib.sha256(username_trial).hexdigest()[3]: return Falseelse: i += 1if key[i] != hashlib.sha256(username_trial).hexdigest()[6]: return Falseelse: i += 1if key[i] != hashlib.sha256(username_trial).hexdigest()[2]: return False

else:
i += 1if key[i] != hashlib.sha256(username_trial).hexdigest()[7]: return Falseelse: i += 1if key[i] != hashlib.sha256(username_trial).hexdigest()[1]: return Falseelse: i += 1if key[i] != hashlib.sha256(username_trial).hexdigest()[8]: return Falsereturn True
hashlib.sha256.hexdigest()

import hashlib
# got the global variable from the kegenme-trailbUsername_trial = b"GOUGH"key_part_static1_trial = "picoCTF{1n_7h3_|<3y_of_"key_part_dynamic1_trial = "xxxxxxxx"key_part_static2_trial = "}"key_part_dynamic1_trial=""s=hashlib.sha256(bUsername_trial).hexdigest()l=[4,5,3,6,2,7,8,6]for i in l:
key_part_dynamic1_trial+=s[i]
flag = key_part_static1_trial+ key_part_dynamic1_trial+ key_part_static2_trialprint()print(flag)

--

--

--

enthusiast cyber security learner and penetration tester / ethical hacker , python programmer and in my free time you will find me solving CTFs

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

HackWeakEnd Technology Event 2018

How to get your app featured on the App Store

Asynchronous Apex

Create an instance with a service account and access google drive on GCE

Test Driven Development

TDD Cycle

What are the best Open Source mBaaS?

Automation in Ansible

How to Shift From Reading Coding Tutorials to Building Your Own Projects

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Surya Dev Singh

Surya Dev Singh

enthusiast cyber security learner and penetration tester / ethical hacker , python programmer and in my free time you will find me solving CTFs

More from Medium

ARMssembly 0 [picoCTF]

RootMe: TryHackMe: writeup:-

Blue TryHackMe Write-Up

TryHackMe CTF Bounty Hacker: Walkthrough