HackTheBox Reversing Snake Challenge

Challenge By : 3XPL017

Challenge Description : Flag should be in the format: HTB{username:password}

Points : 10

Author : Rehman S. Beg (HTB Profile : MrReh )

________________________________________

Lets download the file and extract it content, python code snake.py Let’s first analyze the code.

To grep the flag lets first find the username, we can see username has to be the variable “slither”.

“slither” is defined as “slither= aa + db + nn + ef + rr + gh + lr + ty ” then pass to the next statement which will ask for password. So we can add some piece of code to print out the username we add this piece of code right above where it asks for user input “Print ‘username = ’ +slither” and run the program again.

Now we can see username then get prompted for a password and we don’t know a password. Now lets look at the password part. After Analysing password code We can get password printed out by adding this piece of code after username code we added

“print 'password is \n'

for char in chars:

print(str(chr(char)))”

it will print out all 25 chr we have to use first 10 here it is “udvvrjwa$$” .

So now we have username and the password, lets run the program again and use it

FLAG : “HTB{anaconda:udvvrjwa$$}”      

Leave a Reply

Your email address will not be published. Required fields are marked *