Reversing Snake

13

Comments

  • @AdmiralGaust said:
    Finally done it after wasting 45 minutes. I will like to give hint to others so as to prevent their waste of time.

    "Password is actually not a password but you can get it after encrypting your keys"

    Got it after spending 3.5 Hours on it! Three hours trying to solve it in all possible manner & last half an hour scrolling through the forum.

    With the level of thinking it requires, Points must be increased from mere 10

  • edited September 2018

    Got it in like half an hour (with not even alot of python programming knowledge), I removed every line of code that wasn't relevent. And I just ran every line bit by bit. There are a couple of lines that are just there to deceive you, but if you take another small piece of code and decode it the same way, you will actually get what you're looking for. Don't try the password in the script, because the script itself is deceiving as well.

    Xitro

  • do not overlook the problem description as well where it says Flag should be in the format: HTB{username:password}

    I wasted almost two hours having all the pieces but entering the flag in wrong format.

  • @Meatex said:
    Do yourself a favour and literally delete everything after and including the read input line and try to solve from there

    Amen!

  • edited September 2018

    I just solved this, after much head-scratching. But, I have to say that there IS a clear clue as to which of the variables contains the password. It is there in plain sight once you do the normal stuff to read it. You just need to understand how the logic of the code then hides it from you.

  • I spent 2 days racking my brain on what I was missing. I over complicated it. Simplify everything about this challenge and it'll become clear.

    Hack The Box

  • I too had trouble getting this to give the correct flag. The password only checks 1 character, but the flag requires more... but not all... so its pointless.

  • i am still confused 2 days almost passed, such a noob i am, i got username but only 1 character password, everyone saying this is troll challenge the solution is on printing variables but still.... i am getting only WEIRD numbers and maybe ascii , please can anyone give me hint i will be very appreciated to you:(


    Leaning From Cracking......

  • @CrKMinD said:
    i am still confused 2 days almost passed, such a noob i am, i got username but only 1 character password, everyone saying this is troll challenge the solution is on printing variables but still.... i am getting only WEIRD numbers and maybe ascii , please can anyone give me hint i will be very appreciated to you:(

    oh i forgot to mention "this is a troll password!! its not that easy keep trying" CONFUSED


    Leaning From Cracking......

  • @CrKMinD this challenge is easier then you think. I eventually got it with a password that I thought I had tried way at the beginning already!

    Just try something that starts with the correct letter but doesn't include the troll part, just like @LocksmithArmy said.

  • edited October 2018

    @jippiedoe said:
    @CrKMinD this challenge is easier then you think. I eventually got it with a password that I thought I had tried way at the beginning already!

    Just try something that starts with the correct letter but doesn't include the troll part, just like @LocksmithArmy said.

    may i PM you please i am still confused @jippiedoe


    Leaning From Cracking......

  • GOT THE STUPID SNAKE BY ITS TAIL...
    JUST KICKED OUT ONE BLOODY SHIT LOOP....
    AND JUST JOINED IT...
    AND THE PASSWORD IS TRULY MISLEADING...
    JUST TRY EVERY SEQUENCE YOU HAVE AS THE PASSWORD...

    YOU CAN ALSO SURELY CATCH THE SNAKE BU ITS TAIL..................

    HAPPY SNAKE HUNTING

  • @jippiedoe said:
    @CrKMinD this challenge is easier then you think. I eventually got it with a password that I thought I had tried way at the beginning already!

    Just try something that starts with the correct letter but doesn't include the troll part, just like @LocksmithArmy said.

    This! I think this is the lesson of this challenge.

  • @B1ackF1ag said:
    GOT THE STUPID SNAKE BY ITS TAIL...
    JUST KICKED OUT ONE BLOODY SHIT LOOP....
    AND JUST JOINED IT...
    AND THE PASSWORD IS TRULY MISLEADING...
    JUST TRY EVERY SEQUENCE YOU HAVE AS THE PASSWORD...

    YOU CAN ALSO SURELY CATCH THE SNAKE BU ITS TAIL..................

    HAPPY SNAKE HUNTING

    Holy Caps Lock Batman! Why are you yelling at me?

    --Skunkfoot

  • Lol, this didn't take too long. Always love a troll. I saw the invariants right away. This was also just a little bit of a social engineering challenge too at the end to figure out what is wanted for the flag.

    Looking back at the discussion here I think there are way too many spoilers. This one can be done with pencil and paper and a few debugging statement.

    Nice little entry-level challenge. Thanks!

    LegendarySpork

    my badge doesn't work, click on my profile if you want rank and stuff

    Taking a break from HTB through Dec 2019 in order to focus on other projects.

  • if only you could walk half way through ....... :)

  • Ignore the people talking about getting trolled.
    The difficult part of this challenge was overlooking the task description.
    "Flag should be in the format: HTB{username:password} "

    The password will NOT look like an English word.

  • Finally got it, even if trough the challenge it's not that clear what you should be aiming for, with all the above tips and some trial and error you should be able to get it (and probably already did but haven't tried to submit it).
    Got some frustration off this one but still hoping that the creator keeps working on new challenges :smiley:

  • Hahaha, this challenge is retarded and kinda makes me wanna puke/cry...You do not have to touch the code, brute force is enough and step-by-step debugging and encoding/conversions. This is an easy challenge, do not get caught up with the logic, if you have coded anything in your life, you will quickly realize the logic is just there to troll you and make you feel dumb as f***.

  • I'm totally stuck
    I found the username, and the 25 chatacters of the password
    But still give me error

  • I'm sure the problem is on the } char.
    but I cant see how solve that

  • Very easy, but what was even the point of this...?

  • This... wasn't a very fun "challenge". Wasted an hour on this one.

    Anyway, if you're confused about the password part of the flag, know that you have most likely SEEN the password already. With so much added obfuscation it's sometimes hard to pin-point the important part.

  • edited March 21

    I agree. This some bullcrap. Skimming over the hints led me to basically debug all the code. It'll be so obvious what you need to do, that it seems like it is a troll.

    Hack The Box

  • This "challenge" reminds me of one of those things that test how well/in-depth people read a set of instructions. This definitely shows who takes the TL;DR, skip-to-the-end route (myself included) and who actually read it lol

    Hack The Box

  • edited April 10

    If you follow the same logic in getting the username to get the password, you will fail. The eventual password, when you dump it, won't work because \<reasons>. The challenge asks you to use the username:password for the flag and while the challenge uses the actual username, it doesn't use the actual password in the flag. You're just expected to try bits and pieces until you come up with the piece the author submitted as the flag and not the actual password the program uses at the end.

    Waste of time. This doesn't teach you anything other than throwing #!7$ at the wall until something finally sticks. If you like trolls, great. Personally I come here to learn, not get trolled by bored authors. To each their own though.

  • I would have been working on this a while if not for some of the hints, thanks!

  • Don't think I would have got it without some hints on here lol, weird one really but good little exercise nonetheless

    freefallerr

  • I'm with several other people. It's much less reversing and much more "Which phase of execution is the magic phrase?" I didn't see any way to know for certain which was the key without just spamming the scoreboard.

    halligan

  • edited June 17

    @AdmiralGaust said:

    Finally done it after wasting 45 minutes. I will like to give hint to others so as to prevent their waste of time.

    "Password is actually not a password but you can get it after encrypting your keys"

    Best tip for me, solved

Sign In to comment.