back to home

OGN Challenge #1

This challenge can be found when Dmitri aims his "smart" gun at Wheeler.

The Setup

Wheeler has gained access to the pirates' smart rifles via an interactive console. Help him take control of them!

You will also get a console access command that uses the nc (netcat) command, and a python script for the server code.

The Decryption

Taking a look at the administrator login logic, we notice that the password that we input is compared to admin_pw. This variable is computed on the fly, using a static hard-coded value. If we execute the same computation, we should get the admin password in plaintext:

admin_pw_encrypted = '6d6e71775b7174727b7d6f6f536460506479774c677877656c4668727a717b40494f46565751545e'
admin_pw = ''.join(chr(ord(c) ^ i) for i, c in enumerate(bytes.fromhex(admin_pw_encrypted).decode("utf-8")))
print(admin_pw)

Success! The password is most_trusted_in_the_smart_rifle_industry.

Now, getting the flag requires you to connect to the server using the given command, pressing 2 to enter the admin login, entering the password, and then pressing 1 to activate the FRIEND-OR-FOE system.