Reversing Snake

What is the point of this challenge? I can’t really understand why it’s created in the way it is.

Solved eventually after much trial and error…
PM for tips!

Got so far by logic then completed by trial and error… I don’t like trial and error, even more so when it works and I still can’t figure out the logic I was supposed to use!

I got frustrated at this challenge for about 30 seconds; I fell into my familiar trap of taking certain things for granted. This is a very straight forward challenge. Step through the logic, determine if there is extraneous information, focus on only the things that matter, and this challenge falls open.

This challenge was ok.
Take away the learning point that it is often helpful to convert all the variables and functions back into pseudo-code when understanding custom scripts.

:wink: thumbs up to @3XPL017

I know how salty some people can be because you bothered to try to give the community something to enjoy that they didn’t…

Maybe they should write some better challenges themselves and get them added.

one big hint, put an eye on the “breakdowns”
I hate this challenge, btw, no sense the last logic for me, everything else was good, cheers!

@3XPL017 said:
I tried my best to write the code to make it as hard as possible to really understand what is going on still not sure why its getting so much hate. I know people that took only 5 min to solve it so really not that hard.

I think the reason why this challenge gets so much hate is related to the frustration when you realize you ran into a dead end (again) - combined with the feeling of missing information.

It is really easy to get strings from all the variables and find “Good Job”-credentials (feeling of success!). However, these credentials are not accepted as a flag (feeling of confusion! Is there a bug? Did I miss something? It told me I did a goood job!).
In addition, I felt a bit haphazard as I realize how much (or less) information the password check actually has. With this information, I lacked a targeted approach. I could only exclude what did not qualify as a valid password and start guessing. I did not have the link between the actual solution and the information from the password check. In retrospect, this link is obvious.

My hints in hindsight would be:

  • don’t expect the password check to solve the whole challange
  • also read the names of the variables

I have actually got the username and password within 5 minutes, but without checking them as the flag didn’t believe that the thing I got as the password was the password indeed.
Then after 2 hours of overthinking I just decided to try them in desparate. And that was the flag.
The challenge is very easy but confusing because of a lot of redundant data.

@haggy said:

@MistletoeH said:
I’m in the same boat - got the username and password, got the Good Job message, but now I’m not sure where to go. I think I understand the program logic but then again…

make sure you really understand the logic of the program. there’s something odd about a part in the end. And why is everyone talking about being trolled in here?

Tru using an ascii table with this, you will get the feeling. :wink:

Ok, I have been trolled too :angry: :lol:
After wasting a few hours in overthinking, I finally picked a different approach and I started to read what the code was literally saying…

Congrats @3XPL017 you are an evil genius :+1:

@blubyte said:
Ok, I have been trolled too :angry: :lol:
After wasting a few hours in overthinking, I finally picked a different approach and I started to read what the code was literally saying…

Congrats @3XPL017 you are an evil genius :+1:

This thread. :anguished:

There is actually no troll. None at all.

If you read the code and take all of what it says at face value then this challenge is trivially simple.

If you think there is some troll or some logic that you have to really understand (really very basic code) or that maybe you can’t read and debug code or that you even have to read all the code or the variable names have meaning… then it is very, very hard and you are truly well trolled.

But I do not think for a second that that was @3XPL017’s intention.

@izzie said:
But I do not think for a second that that was @3XPL017’s intention.

I think @3XPL017 wanted to make a joke (there is nothing to reverse in this challenge), and he did it in a really funny way. I’ve really appreciated how @3XPL017 trolled me for about 2 hours. Yes, when you understand the logic, challenge is trivial.
This is why i put my thumb up for @3XPL017 and this challenge :smiley:

Solved…but it’s not a reversing challenge…

I solved the “challenge”. Sorry, but the name of the challenge should be “The ■■■■”, not “The Snake”. It’s absolutely shitty and useless. It’s like “try to guess what the author thought at full moon last year”. I still don’t understand why this ■■■■ is in reverse challenges category.

My advice: don’t waste your time on this task! Seriously. You won’t learn anything new.

Also the only helpful hint in this thread: “Password is actually not a password but you can get it after encrypting your keys”. Thank you @AdmiralGaust !
Looks like other hints just called to confuse you.

Feel free to PM me for hint if you really decided to waste some time of your life solving this challenge ■■■■.

I totally got trolled… Great job. Silly extra stuff… If you are having issues, Don’t over think it.

“Password is actually not a password but you can get it after encrypting your keys”.

This hint is also confusing.

Why would you get your password after encrypting your keys :)?

@AdmiralGaust said:
Finally done it after wasting 45 minutes. I will like to give hint to others so as to prevent their waste of time.

“Password is actually not a password but you can get it after encrypting your keys”

Got it after spending 3.5 Hours on it! Three hours trying to solve it in all possible manner & last half an hour scrolling through the forum.

With the level of thinking it requires, Points must be increased from mere 10

Got it in like half an hour (with not even alot of python programming knowledge), I removed every line of code that wasn’t relevent. And I just ran every line bit by bit. There are a couple of lines that are just there to deceive you, but if you take another small piece of code and decode it the same way, you will actually get what you’re looking for. Don’t try the password in the script, because the script itself is deceiving as well.

do not overlook the problem description as well where it says Flag should be in the format: HTB{username:password}

I wasted almost two hours having all the pieces but entering the flag in wrong format.

@Meatex said:
Do yourself a favour and literally delete everything after and including the read input line and try to solve from there

Amen!