Prompt
Determine the secret password that will validate successfully against the verify function. We've been having trouble getting it to run, but we saw it running properly on a different system. The code seems to be a bit old, maybe you can find the right environment/configuration to get it to run.
Walk-Through
This challenge requires you to analyze a Python script to bypass the insecure verify function. There appears to be some type of password used in the verify function; however, it is not cryptographically secure and it is possible to reverse engineer the code to obtain the value that’s stored. The task for this challenge is to find a value for submission that will cause the verify function to return True.
Using a terminal, you can get a better understanding of the code by entering your own submissions. Create a file named bytes.py. Copy the code provided in the code window on the platform and paste into the new file using your mouse. Save the program. Then enter python bytes.py on the command line to run the program.
01234 was submitted. Since the length submitted was not even, the program ended.Please note that this code is using Python 2.7. If you try to edit or run this program on your own terminal, you may need to change the syntax of the code to get it to work, or run Python 2.7 in it’s own virtual environment.
Guide
This guide will review the lines of the verify function in order to better understand how to get the correct password value.
In lines 7-8, if the length of submission is not an even number, then verify returns false. Therefore, the length of submission will need to be an even number.
def verify(submission):
processed = [ ]
if len(submission) % 2 != 0:
return Falselen() is a built-in python function that returns the number of items in an object. In this case, len()is calculating the number of characters in the string that is submitted to the program.Next, for lines 10-11, there is a loop that will run through submission. In each iteration, the loop will combine two characters together and convert them from hexadecimal into an integer that is added to the processed list, which was initialized in line 6.
for i in range(0, len(submission) / 2):
processed.append(int(submission[i * 2] + submission[(i * 2) + 1], 16)(int(submission…)), Hex bytes are converted to decimal (ex: 0x4A=74)Through the use of a command line interface, you can see how the input is processed by adding a print statement to the Python file you created.
Add this line of code to right under processed.append... within the verify function:
print("This was processed", processed)
processed list.Through lines 13-15, the function then checks if the length of processed is equal to the length of ekc. If the lengths are not the same, then verify will return false.
ekc = [ 0x53, 75, 0x59, 0x2D, 0110, 0x45, 88, 72, 0x2D, 0x35, 0x36, 0x38, 0x30 ]
if len(processed) != len(ekc):
return Falseprocessed list is the same length of ekc. Notice the values contained in the ekc list are a mix of hexadecimal and decimal.Since processed must be equal to ekc, and processed is half of the length of submission, we know that submission must therefore be twice the length of ekc.
ekc is an list of 13 values, so submission must be 26 characters long.
The last check in the function is to iterate through the processed list and check to see if there are any values that do not match between processed and ekc. If there are any values that do not match, then verify returns ‘False’.
for i in range(len(processed)):
if ekc[i] != processed[i]:
return Falseverify function:Even if the correct characters were entered in the initial submission, the problem remains that the processed list (containing only integer values) is being compared to the ekc list, which contains a mix of integers and hexadecimal values. Thus, the verify function (as is) will never return ‘True’ unless we make changes so that the lists contain values of the same type.
However, doing this is not necessary. Fixing the program is not required. What is required is that we find a value that could pass the verify function.
The program interprets characters entered as hexadecimal and will compare whatever is entered with the contents of ekc. Therefore, a conversion of the ekc list to hexadecimal will provide a value that will pass the verify function.
Using a terminal, add the following line of code to the program after the line containing submission = raw_input… :
ekc = [ 0x53, 75, 0x59, 0x2D, 0110, 0x45, 88, 72, 0x2D, 0x35, 0x36, 0x38, 0x30 ]
print(''.join('%02x' % i for i in ekc))ekc as hexadecimalRunning the program again will print ekc as a hexadecimal string— this value will pass the verify function.
This could also be solved by converting the three decimal values in ekc to Hex through the use of CyberChef or other conversion tools. Most of the list already contains Hex values, so the 0x in front can be removed to get the correct string of characters.
Questions
1. What language is this program written in?
The programming language is indicated in the first line of the code
2. What is the password that will successfully pass the verify function?
Convert the values of ekc into a hexadecimal string
©️ 2025 Cyber Skyline. All Rights Reserved. Unauthorized reproduction or distribution of this copyrighted work is illegal.