level14 of Nebula wargame says that we have a binary that takes input from standard input and outputs an encryption. Our goal is to decrypt the token file.
[email protected]:~$ cat ../flag14/tokenPlaying a bit with the binary, we see that the "encryption" is just encoding the input by incrementing characters one-by-one with a value that starts at 0 and is increased by 1 each time.
[email protected]:~$ echo -n "aaaaaaaaaaaaa" | ../flag14/flag14 -eTaking this into account, decrypting the content of token becomes trivial. A simple python script for the task.
[email protected]:~$ cat dec.pyWe login into flag14 and getflag!
result = ""
pos = 0
with open(sys.argv, "r") as f:
for c in f.read()[:-1]:
result += chr(ord(c) - pos)
pos += 1
[email protected]:~$ python dec.py ../flag14/token
[email protected]:~$ getflag
You have successfully executed getflag on a target account