Main


The House Always Wins.

Welcome to "The House Always Wins!"

This dojo is centered around PRNGs (Pseudo-Random Number Generators) and the exploitation of the "pseudo" part.

If you have any experience with reverse-engineering and want to learn by doing, feel free to stop reading now and go dig around in the bins - all main challenges should be solvable without any guidance!

If you get stuck and need a hint, or want to learn more about the intended approach and the concepts behind it - each challenge has a series of encrypted hints. Dectypting them is easy:

$ echo "aGFpIGhld3dvdSBpbWEgaGludCA6Mwo=" | base64 -d

       ^^^ that's the enctypted hint in base64

In any case, good luck! -CyanBun96

Overview TGV2ZWwgMSAtIFR1dG9yaWFsCgpEaWZmaWN1bHR5OgogIFJ1bGVzOiBbKi0tXSAoMTAgd2luIHN0cmVhaywgMjAwMCByb3VuZHMpCiAgU2VlZDogIFhYWFhYIChnZXRlbnRyb3B5KQogIFBSTkc6ICBbKioqXSAoTEFGKQo=

Description VGhlIGZpcnN0IGxldmVsIGlzIGludHJvZHVjdG9yeSAtIGFsbCB5b3UgbmVlZCB0byBkbyBpcyB3aW4gMTAgdGltZXMKaW4gYSByb3chIFdpdGggY2hhbmNlcyBiZWluZyA1MC81MCwgdGhhdCBzaG91bGQgdGFrZSBhcm91bmQgMjA0OCB0cmllcwpvbiBhdmVyYWdlLiBUaGUgMjAwMCByb3VuZCBsaW1pdCBtaWdodCB0cmlwIHlvdSB1cCBhIGJpdCwgYnV0IHlvdSBjYW4KcmV0cnkgdGhlIGNoYWxsZW5nZSBhcyBtdWNoIGFzIHlvdSB3YW50Lgo=

Intended approach VGhlIFBSTkcgaW4gdGhpcyBsZXZlbCBpcyBxdWl0ZSBzdHJvbmcsIGFuZCB0aGUgc2VlZCAoaW5pdGlhbCBzdGF0ZSkgaXMKcHJhY3RpY2FsbHkgdW5jcmFja2FibGUuIFRoZSB3aW4gY29uZGl0aW9uIGlzIGVhc3kgZW5vdWdoIHRob3VnaCwgdGh1cy4uLgoKQnJ1dGVmb3JjZSEgVGhpcyBsZXZlbCBpcyBtb3N0bHkgaGVyZSB0byBoZWxwIHlvdSBhdXRvbWF0ZSB0aGUgaW50ZXJhY3Rpb25zCnRocm91Z2ggc29tZXRoaW5nIGxpa2UgcHdudG9vbHMgZm9yIFB5dGhvbi4gV2hpbGUgeW91LCB0ZWNobmljYWxseSwgY2FuCnNvbHZlIGV2ZXJ5IGNoYWxsZW5nZSBpbiB0aGUgbWFpbiBkb2pvIHdpdGggcGVuLCBwYXBlciBhbmQgcG93ZXIgb2Ygd2lsbCwKYXV0b21hdGlvbiBpcyBleHBlY3RlZCBhbmQgbm90IGNvbnNpZGVyZWQgY2hlYXRpbmcuCgpGZWVkaW5nIGFueSB2YWxpZCBpbnB1dCAoJzEnIG9yICcwJyBpbiBBU0NJSSArIG5ld2xpbmUpIDIwMDAgdGltZXMgc2hvdWxkCmRvIHRoZSB0cmljayEK

Algorithms and implementation details TGluZWFyIEFkZGl0aXZlIEZlZWRiYWNrIHJhbmRvbSBudW1iZXIgZ2VuZXJhdG9yIGlzIGEgc2xpZ2h0bHkgYWRqdXN0ZWQKKGxpdGVyYWxseSAxIGJpdCBvZiBkaWZmZXJlbmNlKSB2ZXJzaW9uIG9mIHRoZSBnbGliYydzIGRlZmF1bHQgcmFuZCgpClRoZSBkZXRhaWxzIGFuZCByZWFzb25zIGZvciB0aGVtIHdpbGwgYmUgZGlzY3Vzc2VkIGxhdGVyLi4uCgpnZXRlbnRyb3B5KCkgY2FsbHMgZ2V0cmFuZG9tKCkgdW5kZXIgdGhlIGhvb2QsIHdoaWNoIHJlYWRzIGZyb20gdGhlIHNhbWUKc291cmNlIGFzIC9kZXYvdXJhbmRvbS4gSWYgeW91IGhhcHBlbiB0byBjcmFjayBpdCAtIGV4cGVjdCBnbG9iYWwgY2hhb3MuCgpTb3VyY2VzOgptYW4gMyByYW5kb20KbWFuIDMgZ2V0ZW50cm9weQptYW4gMiBnZXRyYW5kb20K

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Overview TGV2ZWwgMiAtIEZpeGVkIHNlZWQgYXR0YWNrCgpEaWZmaWN1bHR5OgogIFJ1bGVzOiBbKioqXSAoNzc3IHdpbiBzdHJlYWssIDIwMDAgcm91bmRzKQogIFNlZWQ6ICBbKi0tXSAoZml4ZWQpCiAgUFJORzogIFhYWFhYIChMQUYgYnV0IHN0cm9uZ2VyKQo=

Description VGhlIHNlY29uZCBsZXZlbCByZXF1aXJlcyBzb21lIGFjdHVhbCBSTkcgZXhwbG9pdGF0aW9uIQpNb3N0IFJOR3MgYXJlIGp1c3QgYSBjb21wbGljYXRlZCBmb3JtdWxhIHRoYXQgb3V0cHV0cyBudW1iZXJzIHRoYXQKb25seSBzZWVtIHJhbmRvbS4gVGhleSByZXF1aXJlIGEgc2VlZCB2YWx1ZSAtIHRoZSBmaXJzdCB2YWx1ZQp0aGF0J3MgZ29pbmcgdG8gaW5mbHVlbmNlIGV2ZXJ5IG51bWJlciBnZW5lcmF0ZWQgYnkgdGhlIFJORy4KSWYgdGhlIHNlZWQgdmFsdWUgaXMgdGhlIHNhbWUsIHRoZSBnZW5lcmF0ZWQgbnVtYmVycyB3aWxsIGFsc28KYmUgdGhlIHNhbWUgZXZlcnkgdGltZS4KCkNhc2UgaW4gcG9pbnQgLSBNaW5lY3JhZnQhIFlvdSBjYW4gZ2VuZXJhdGUgdGhlIHNhbWUgcmFuZG9tIHdvcmxkCmFzIGxvbmcgYXMgeW91IGtub3cgdGhlIHNlZWQuCg==

Intended approach VGhlIGFsZ29yaXRobSBpdHNlbGYgZG9lc24ndCBnaXZlIHlvdSBlbm91Z2ggaW5mb3JtYXRpb24gYWJvdXQgaXRzCmludGVybmFsIHN0YXRlIHRvIGF0dGFjayBpdCwgc28gZm9jdXMgb24gZXhwbG9pdGluZyB0aGUgZml4ZWQgc2VlZC4KCklmIHlvdSBkbyBmaW5kIGEgd2F5IHRvIGF0dGFjayB0aGUgYWxnb3JpdGhtIGxldCBtZSBrbm93IHRob3VnaDspCg==

Hint 1 VGhlIHNlZWQgaXMgdW5pcXVlIGZvciBldmVyeW9uZSBiZWNhdXNlIGl0IGlzIGJhc2VkIG9uIHlvdXIgL2ZsYWcuClRoaXMgYWxzbyBtZWFucyB0aGF0IGEgaGFyZGNvZGVkIHNvbHV0aW9uIGZvciBwcmFjdGljZSBtb2RlIHdpbGwKbm90IHdvcmsgaW4gY2hhbGxlbmdlIG1vZGUgYmVjYXVzZSB0aGUgZmxhZ3MgYXJlIGRpZmZlcmVudCEK

Hint 2 VGhlIGludGVuZGVkIHNvbHV0aW9uIHJlcXVpcmVzIHJlc3RhcnRpbmcgdGhlIGNoYWxsZW5nZSBwcm9ncmFtIG9uY2Uu

Hint 3 VGhpcyBjaGFsbGVuZ2UgaXMgYWxzbyBzdXBwb3NlZCB0byB0ZWFjaCB5b3UgdG8gc3RvcmUgb3V0cHV0cyAtIHlvdSdsbApiZSBkb2luZyB0aGF0IGEgbG90IGluIGZ1dHVyZSBjaGFsbGVuZ2VzLgo=

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Overview TGV2ZWwgMyAtIFByZWRpY3RhYmxlIHNlZWQgYXR0YWNrCgpEaWZmaWN1bHR5OgogIFJ1bGVzOiBbKioqXSAoNzc3IHdpbiBzdHJlYWssIDIwMDAgcm91bmRzKQogIFNlZWQ6ICBbKiotXSAodGltZSgwKSkKICBQUk5HOiAgWFhYWFggKGdsaWJjIHJhbmQoKSkK

Description VGhlIHRoaXJkIGxldmVsIGlzIHN0aWxsIGEgc2VlZCBhdHRhY2ssIGJ1dCBhIGJpdCBtb3JlIGFkdmFuY2VkLgpTaW5jZSB1c2luZyBhIGZpeGVkIHNlZWQgZm9yIFJOR3Mga2luZGEgZGVmZWF0cyB0aGUgcHVycG9zZSwgbW9zdApwcm9ncmFtcyB1c2Ugc29tZSB2YWx1ZSB0aGF0IGNoYW5nZXMganVzdCBlbm91Z2ggdG8gbm90IGJlIHRoZSBzYW1lCmFjcm9zcyBtdWx0aXBsZSBsYXVuY2hlcy4KCkNhc2UgaW4gcG9pbnQgLSBNaW5lY3JhZnQhIEl0IHVzZXMgKG9yIGF0IGxlYXN0IHVzZWQgYXQgc29tZSBwb2ludCkKdGhlIGN1cnJlbnQgdGltZSBhcyB0aGUgd29ybGQgc2VlZCBpZiBubyBzZWVkIGlzIHNwZWNpZmllZC4K

Intended approach SWYgeW91IGNhbiBnZW5lcmF0ZSB0aGUgc2FtZSBudW1iZXJzIGFzIHRoZSBjaGFsbGVuZ2UsIHlvdSBjYW4gcHJlZGljdAp0aGUgYW5zd2VycyEgWW91IGp1c3QgbmVlZCB0byBmaWd1cmUgb3V0IGEgd2F5IHRvIGNvcHkgdGhlIGludGVybmFsIHN0YXRlCm9mIHRoZSBjaGFsbGVuZ2UncyBSTkcuIFRoaXMgd2lsbCBiZSB0aGUgd2F5IHRvIGdvIGZvciB0aGUgcmVzdCBvZiB0aGUgbWFpbgpjaGFsbGVuZ2VzIC0gY29weSB0aGUgc3RhdGUsIGNvcHkgdGhlIGFsZ29yaXRobSwgd2luIQo=

Hint 1 VGhpcyBpcyB0aGUgb25seSBjaGFsbGVuZ2Ugd2l0aG91dCBhIGhhcmRjb2RlZCBQUk5HIGFsZ29yaXRobSAtIHRoYXQncwpieSBkZXNpZ24sIHRvIG1ha2UgaXQgZWFzaWVyLiBZb3UgYXJlIG5vdCBzdXBwb3NlZCB0byByZXZlcnNlLWVuZ2luZWVyIGl0IC0KeW91IGNhbiB1c2UgaXQgYXMtaXMuCg==

Hint 2 VGhlIG9yaWdpbmFsIHByb2dyYW0gd2FzIHdyaXR0ZW4gaW4gQywgYW5kIHRoZSBlYXNpZXN0IHNvbHV0aW9uIHdvdWxkIGJlCnRvIGp1c3QgY2xvbmUgdGhlIHJlbGV2YW50IHBhcnRzIGluIGEgQyBwcm9ncmFtIG9mIHlvdXIgb3duLgo=

Technical note VGhpcyBjaGFsbGVuZ2Ugd2FzIGNvbXBpbGVkIGFuZCB0ZXN0ZWQgd2l0aCB3aXRoIGdjYyAxNC4xLjEgYW5kIGdsaWJjIDIuMzkuClRoZSByYW5kKCkncyBhbGdvcml0aG0gaGFzbid0IGNoYW5nZWQgaW4gYSB3aGlsZSBhbmQgdGhlcmUgaXMgbm8gcmVhc29uCnRvIGV4cGVjdCBpdCB0bywgYnV0IHlvdSBuZXZlciBrbm93Li4uClJlY29tcGlsaW5nIHRoZSBzb3VyY2UgZm9yIHNvbWUgb3RoZXIgT1Mgb3IgYXJjaGl0ZWN0dXJlIG1heSByZW5kZXIgdGhlCmNoYWxsZW5nZSB1bnNvbHZhYmxlLCBpbiB0aGVvcnkuICJJdCBEZXBlbmRzIih0bSkK

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Overview TGV2ZWwgNCAtIExGU1IgMQoKRGlmZmljdWx0eToKICBSdWxlczogWyoqKl0gKDc3NyB3aW4gc3RyZWFrLCAyMDAwIHJvdW5kcykKICBTZWVkOiAgWyotLV0gKGZpeGVkKQogIFBSTkc6ICBbKi0tXSAoNy1iaXQgTEZTUikKCg==

Description Tm93IGNvbWVzIHRoZSBmdW4gcGFydCAtIHByZWRpY3RpbmcgZnV0dXJlIG91dHB1dHMgb24gcHJldmlvdXMgb3V0cHV0cyBhbG9uZSEKVGhlIFBSTkcgaW1wbGVtZW50ZWQgaGVyZSBpcyBhIExpbmVhciBGZWVkYmFjayBTaGlmdCBSZWdpc3RlciAtIG9uZSBvZiB0aGUKc2ltcGxlc3QsIHlldCBlZmZlY3RpdmUgYW5kIGVsZWdhbnQgc29sdXRpb25zIGZvciBSTkcuIENoZWNrIHRoZSBmb2xsb3dpbmcKaGludCBhbmQgcGxheSBhcm91bmQgd2l0aCB0aGUgbGZzcl90b3kgaW4gL2NoYWxsZW5nZS8gdG8gZ2V0IHRoZSBoYW5nIG9mIGl0IQoK

LFSR basics TGluZWFyIC0gaXQgY2FuIGJlIHJldmVyc2VkIQpGZWVkYmFjayAtIGl0IGZlZWRzIGl0J3Mgb3duIHZhbHVlcyBiYWNrIHRvIGl0c2VsZiEKU2hpZnQgLSB0YWtlIGFsbCB0aGUgYml0cyBhbmQgbW92ZSB0aGVtIHJpZ2h0IG9uZSBwbGFjZSEKUmVnaXN0ZXIgLSB0aGF0J3Mgd2hlcmUgdGhlIGJpdHMgYXJlIHN0b3JlZCEKCkxldCdzIHRha2UgMTAxMTAgYXMgdGhlIGluaXRpYWwgc3RhdGUsIHdpdGggInRhcHMiIGF0IDIgYW5kIDMuCkZpcnN0LCB3ZSBmaWd1cmUgb3V0IHRoZSBmZWVkYmFjayBwYXJ0LiBXZSBuZWVkIHRvIGdldCBhIG5ldyBiaXQsIGFuZCB0aGUKdGFwcyBhcmUgZ29pbmcgdG8gYmUgdGhlIHNvdXJjZS4KCiAxIDAgMSAxIDAKICAgICBeIF4KVGhvc2UgdHdvIGdldCBYT1InZCB0b2dldGhlciB0byBnZXQgdGhlIG5ldyBiaXQuClhPUiAoXikgPSBlWGNsdXNpdmUgT1IgPSAwIGlmIG51bWJlcnMgYXJlIHNhbWUgYW5kIDEgaWYgdGhleSdyZSBkaWZmZXJlbnQKMSBeIDEgPSAwIC0gdGhhdCdzIG91ciBuZXcgYml0IQoKTm93IGZvciB0aGUgc2hpZnQhIEl0IGVmZmVjdGl2ZWx5IGRpdmlkZXMgdGhlIG51bWJlciByZXByZXNlbnRlZCBieSB0aGUgYml0cwpieSB0d28sIGFuZCBjYW4gYmUgZG9uZSB3aXRoICJudW1iZXIgPj4gMSIgb3IgIm51bWJlciAvIDIiIGluIEMuCgogMSAwIDEgMSAwID4+CiAgdiAgIHYgICB2CiAuIDEgMCAxIDEgPj4gMAogXm5ld15zdGF0ZSAgIF5vdXRwdXQhCgpUaGUgb3V0cHV0IGlzIHVzZWQgImFzLWlzIiB0byBkZWNpZGUgdGhlIGNvaW4gZmxpcCBpbiB0aGUgY2hhbGxlbmdlLCBhbmQgZnVsbApudW1iZXJzIGNhbiBiZSBnZW5lcmF0ZWQgYnkgcmVhZGluZyBtdWx0aXBsZSBiaXRzIGluIGEgbG9vcC4KTm93IHdlIGdldCB0aGUgbmV3IGJpdCB3ZSBjYWxjdWxhdGVkIGVhcmxpZXIgYW5kIHBsYWNlIGl0IG9uIHRoZSBsZWZ0OgoKIC4gMSAwIDEgMQogdgogMCAxIDAgMSAxCgpBbmQgbm93IHdlIHN0YXJ0IG92ZXIhCgowMTAxMSA+PiAxMDEwMSA+PiAxCiAgdnYgICAgIF4KICAwXjE9MT4+XgoKMTAxMDEgPj4gMTEwMTAgPj4gMQogIHZ2ICAgICBeCiAgMV4wPTE+Pl4KCjExMDEwID4+IDExMTAxID4+IDAKICB2diAgICAgXgogIDBeMT0xPj5eCgoxLiBDYWxjdWxhdGUgdGhlIG5ldyBiaXQgYnkgWE9SaW5nIHRoZSB2YWx1ZXMgYXQgdGhlIHRhcHMuCjIuIFJlYWQgdGhlIGxlYXN0IHNpZ25pZmljYW50IGJpdCB0byBnZXQgdGhlIG91dHB1dC4KMy4gU2hpZnQgYWxsIGJpdHMgdG8gdGhlIHJpZ2h0Lgo0LiBOZXcgYml0IGlzIHRoZSBuZXcgbW9zdCBzaWduaWdpY2FudCBiaXQuCjUuIFJlcGVhdCEKClRoaXMgaXMgaG93IHRoZSBMRlNSIGlzIGltcGxlbWVudGVkIGluIHRoZSBjaGFsbGVuZ2VzIDQgYW5kIDUsIGJ1dCBpdCBjYW4gdGFrZQptYW55IGZvcm1zIGFuZCBiZSBjb21iaW5lZCB3aXRoIG90aGVyIGFsZ29yaXRobXMgdG8gbWFrZSBpdCBzdHJvbmdlciEKCkxGU1JzIGFyZSB2ZXJ5IHBvcHVsYXIsIHNvIGFueSBxdWVycnkgaW4gYSBzZWFyY2ggZW5naW5lIG9yIHZpZGVvIGhvc3Rpbmcgc2l0ZQpvZiB5b3VyIGNob2ljZSB3aWxsIGNvbWUgdXAgd2l0aCBtYW55IG1vcmUgcmVzdWx0cyBhbmQgZXhwbGFuYXRpb25zLgoKYWxzbyBwbGF5IHdpdGggTEZTUiBUb3kgaW4gL2NoYWxsZW5nZS8gaXRzIFZlcnkgQ29vbCBpZiBpIGRvIHNheSBzbyBteXNlbGY7KQo=

Intended approach V2hpbGUgdGhpcyBjaGFsbGVuZ2UncyBpbXBsZW1lbnRhdGlvbiBvZiBMRlNSIGNhbiBiZSBiZWF0ZW4gaW4gc2V2ZXJhbCB3YXlzLAppdCBpcyBtb3N0bHkgaW50ZW5kZWQgYXMgYSBwcmFjdGljYWwgZ3VpZGUgb24gaW5mZXJpbmcgdGhlIFJORydzIGludGVybmFsCnN0YXRlIGZyb20gaXRzIG91dHB1dHMgYWxvbmUuIFJldmVyc2UtZW5naW5lZXIgdGhlIGFsZ29yaXRobSwgZ2V0IGEgZmV3CnJlc3VsdHMgZnJvbSB0aGUgY2hhbGxlbmdlIGFuZCB1c2UgdGhlbSB0byBtYXRjaCB0aGUgY2hhbGxlbmdlJ3Mgb3V0cHV0cyEKCg==

Hint 1 SW4gY2FzZSBvZiBMRlNScywgeW91IGNhbiBnZXQgdGhlIGluaXRpYWwgc3RhdGUgYnkganVzdCByZWFkaW5nIHRoZSBhbW1vdW50Cm9mIGJpdHMgZXF1YWwgdG8gTEZTUidzIGxlbmd0aC4gQ29tYmluZSB0aGF0IGFuZCB0aGUgZmFjdCB0aGF0IHRoZSBzZWVkIGlzCmZpeGVkIHRvIGRldmVsb3AgYSBmbGV4aWJsZSBzb2x1dGlvbiB0aGF0IGNhbiBiZSByZXVzZWQgaW4gdGhlIGZ1dHVyZS4KCg==

Bonus hint TEZTUidzIG91dHB1dHMgbG9vcCBhcm91bmQgYWZ0ZXIgMiB0byB0aGUgcG93ZXIgb2YgTEZTUidzIGxlbmd0aCBtaW51cyBvbmUuCkhlcmUgaXQncyAyKio3LTE9MTI3LCBzbyBleHBsb2l0aW5nIHRoYXQgaXMgYSB2YWxpZCBhcHByb2FjaCEKVGhlIG5leHQgY2hhbGxlbmdlIHRob3VnaC4uLgoK

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Overview TGV2ZWwgNSAtIExGU1IgMgoKRGlmZmljdWx0eToKICBSdWxlczogWyoqKl0gKDc3NyB3aW4gc3RyZWFrLCAyMDAwIHJvdW5kcykKICBTZWVkOiAgWFhYWFggKGdldGVudHJvcHkpCiAgUFJORzogIFsqKi1dICgzMS1iaXQgTEZTUikKCg==

Description SXQncyBsZXZlbCA0LCBidXQgaGFyZGVyISBUaGUgTEZTUidzIHBlcmlvZCBpcyAyKiozMS0xIHNvIHlvdSBjYW4ndCBleHBsb2l0CnRoYXQsIGFuZCB0aGUgc2VlZCBpcyBhbHNvIHVucHJlZGljdGFibGUuIFRoZSBhbGdvcml0aG0gaXMgdGhlIHNhbWUgdGhvdWdoLApzbyBpZiB5b3Ugc29sdmVkIDQganVzdCB0aGUgcmlnaHQgd2F5LCBhbGwgaXQncyBnb2luZyB0byB0YWtlIGhlcmUgaXMKYWRqdXN0aW5nIGEgZmV3IHZhcmlhYmxlcyEKCg==

Intended approach VGhlIExGU1IncyBsZW5ndGggYW5kIHRoZSB0YXBzJyBwb3NpdGlvbnMgYXJlIHRoZSBvbmx5IHRoaW5ncyB5b3UgaGF2ZSB0bwphZGp1c3QgaWYgeW91ciBpbXBsZW1lbnRhdGlvbiBpcyBnZW5lcmljIGVub3VnaC4KCg==

Bonus hint TEZTUnMgd2l0aCBzaW1wbGUgcmF0aW9zIGJldHdlZW4gdGhlIGxlbmd0aCBhbmQgdGFwIHBvc2l0aW9ucyBjYW4gZ2VuZXJhdGUKcmVhbGx5IGZ1bmt5IHBhdHRlcm5zIHdoZW4geW91IHByaW50IHRoZSByZXN1bHRzIG91dCBpbiB0d28gZGltZW5zaW9ucyEKVGhhdCdzIHdoeSB0aGlzIGNoYWxsZW5nZSB1c2VzIHByaW1lIG51bWJlcnMgZm9yIHRob3NlIDopCgo=

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Overview TGV2ZWwgNiAtIFJlYWwgcmFuZCgpIQoKRGlmZmljdWx0eToKICBSdWxlczogWyoqKl0gKDc3NyB3aW4gc3RyZWFrLCAyMDAwIHJvdW5kcykKICBTZWVkOiAgWFhYWFggKGdldGVudHJvcHkpCiAgUFJORzogIFsqKi1dIChnbGliYyByYW5kKCkgVFlQRV8wKQoK

Description WW91J3ZlIHJlYWNoZWQgdGhlIFJlYWwgUFJORyBMZXZlbCEgVGhlIGFsZ29yaXRobSB1c2VkIGhlcmUgaXMgYSB2ZXJiYXRpbSBjb3B5Cm9mIHRoZSBvbmUgdXNlZCBpbiByYW5kKCkhIE9yIHJhdGhlciwgImFuIiBhbGdvcml0aG0gZnJvbSBpdC4uLiBUaGUgZ2xpYmMKaW1wbGVtZW50YXRpb24gc3VwcG9ydHMgdmFyaW91cyBzdGF0ZSBsZW5ndGhzLCBhbmQgaXQgdXNlcyBhIGRpZmZlcmVudAphbGdvcml0aG0gZm9yIGFsbCBsZW5ndGhzIGJ1dCB0aGUgc2hvcnRlc3QuIEEgbXVjaCBzaW1wbGVyIG9uZS4gQW5kIHRoZQpiaW5hcnkgZG9lc24ndCBjYWxsIHJhbmQoKSBlaXRoZXIgLSB0aGUgYWxnb3JpdGhtIGlzIGEgZnVuY3Rpb24gaW4gdGhlIG1haW4KcHJvZ3JhbSBzbyB0aGF0IHlvdSBkb24ndCBoYXZlIHRvIGRpdmUgaW50byBzaGFyZWQgbGlicyB3aGVuIGRlYnVnZ2luZy4gU3RpbGwsCml0J3MgYWxtb3N0IFJlYWwhIFRoYXQncyBwb3dlcmZ1bCBzdHVmZiB5b3UncmUgZGVsdmluZyBpbnRvIQoK

Relevant code snippet U291cmNlOiBnbGliYy0yLjM5LCByYW5kb21fci5jLCBsaW5lIDM1MwoKaW50IF9fcmFuZG9tX3Ioc3RydWN0IHJhbmRvbV9kYXRhICpidWYsIGludDMyX3QgKnJlc3VsdCkKLi4uCmlmIChidWYtPnJhbmRfdHlwZSA9PSBUWVBFXzApCiAgICB7CiAgICAgIGludDMyX3QgdmFsID0gKChzdGF0ZVswXSAqIDExMDM1MTUyNDVVKSArIDEyMzQ1VSkgJiAweDdmZmZmZmZmOwogICAgICBzdGF0ZVswXSA9IHZhbDsKICAgICAgKnJlc3VsdCA9IHZhbDsKICAgIH0KLi4uCgpUaGUgX19yYW5kb21fciBmdW5jdGlvbiB0YWtlcyBhIGZ1bGwgcmFuZG9tX2RhdGEgc3RydWN0IGFuZCBwdWxscyB0aGUgc3RhdGUKb3V0IG9mIHRoYXQsIGJ1dCBmb3IgVFlQRV8wIHRoZSByZXN0IG9mIHRoZSBzdHJ1Y3R1cmUgaXMgaXJyZWxldmFudC4gSXQgaGFzCmJlZW4gcmVwbGFjZWQgYnkgYSBzaW5nbGUgdmFyaWFibGUgaW4gdGhlIGNoYWxsZW5nZSBiaW5hcnkuCgo=

Intended approach U28gZmFyIHlvdSd2ZSBiZWVuIHJlYWRpbmcgYW5kIHdyaXRpbmcgb25lcyBhbmQgemVyb2VzLCBhbmQgaXQgZG9lc24ndCBzdG9wCmhlcmUhIFdoaWxlIHRoZSBzdGF0ZSBpcyBzdG9yZWQgYXMgYW4gaW50ZWdlciwgaXQncyBzdGlsbCBhIGJ1bmNoIG9mIG9uZXMgYW5kCnplcm9lcyB1bmRlcm5lYXRoLiBUaGUgY2hhbGxlbmdlIGdldHMgb25lIG51bWJlciBhbmQgc3BsaXRzIGl0IGludG8gbXVsdGlwbGUKdmFsdWVzIC0ganVzdCBsaWtlIGluIGNoYWxsZW5nZXMgMS0zLiBUaGUgYWxnb3JpdGhtIGhlcmUgcmVxdWlyZXMgYSBiaXQgbW9yZQp0aGFuIFhPUmluZyBhbmQgc2hpZnRpbmcsIGJ1dCBpdCdzIHN0aWxsIGEgb25lLWxpbmVyLgoK

Fun fact QW5vdGhlciB3b3JkIGZvciAiemVybyIgaXMgImNpcGhlciIhCkFuZCBub3cgeW91J3JlIGJyZWF0aGluZyBtYW51YWxseS4KCg==

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Overview TGV2ZWwgNyAtIFJlYWwgcmFuZCgpLCBmb3IgcmVhbCB0aGlzIHRpbWUhCgpEaWZmaWN1bHR5OgogIFJ1bGVzOiBbKioqXSAoNzc3IHdpbiBzdHJlYWssIDIwMDAgcm91bmRzKQogIFNlZWQ6ICBYWFhYWCAoZ2V0ZW50cm9weSkKICBQUk5HOiAgWyoqKl0gKGdsaWJjIHJhbmQoKSkKCg==

Description VGhlIGZpbmFsIGJvc3MhCkdvb2QgbHVjay4KSSBtZWFuLCB5b3UgbWFkZSBpdCB0aGlzIGZhci4KSSBiZWxpZXZlIGluIHlvdSEKCg==

Implementation details UmFudCB0aW1lIQoKbWFuIDMgcmFuZG9tIHN0YXRlcyAiVGhlIHJhbmRvbSgpIGZ1bmN0aW9uIHVzZXMgYSBub25saW5lYXIgYWRkaXRpdmUgZmVlZGJhY2sKcmFuZG9tIG51bWJlciBnZW5lcmF0b3IuLi4iLiBUaGUgbm9uLWxpbmVhciBiaXQ/IEl0J3MgbGl0ZXJhbGx5IGEgYml0LiBBIHNpbmdsZQpiaXQgb2Ygbm9ubGluZWFyaXR5LiBIZXJlJ3MgdGhlIGNvZGUgZnJvbSByYW5kb21fci5jOgouLi4KLyogQ2h1Y2tpbmcgbGVhc3QgcmFuZG9tIGJpdC4gICovCiAgICAgICpyZXN1bHQgPSB2YWwgPj4gMTsKLi4uCkV2ZXJ5dGhpbmcgZWxzZSBhYm91dCBpdCBpcyB0b3RhbGx5IGxpbmVhci4gVGh1cyBrbm93aW5nIHRoZSBzdGF0ZSB5b3UgY2FuCnByZWRpY3QgdGhlIG5leHQgb3V0cHV0IHdpdGggNTAvNTAgY2hhbmNlcy4KCkFuZCBpdCdzIG5vdCBzb21lIGZ1biBub24tbGluZWFyIGZ1bmN0aW9uIGVpdGhlciAtIGl0IGp1c3QgeWVldHMgdGhlIHNhbWUgYml0LgoKVGhhdCdzIG9uZSBiaXQgYXdheSBmcm9tIHBlcmZlY3Rpb24uIEkgaGF0ZSBpdC4KClRoZSBvcmlnaW5hbCB2ZXJzaW9uIG9mIHRoaXMgY2hhbGxlbmdlIGFjdHVhbGx5IGNhbGxlZCByYW5kKCksIGFuZCBhcyBmYXIgYXMgSSdtCmNvbmNlcm5lZCBpdCdzIHZpcnR1YWxseSBpbXBvc3NpYmxlIHRvIHNvbHZlIGl0IGRldGVybWluaXN0aWNhbGx5LgpOb3cgdGhlIGNoYWxsZW5nZSB1c2VzIGFuIGFsZ29yaXRobSB0aGF0J3MgcHJhY3RpY2FsbHkgdGhlIHNhbWUsIGV4Y2VwdCBmb3IgdGhpcwpvbmUgYml0LiBUaGF0IG1lYW5zIGEgZ29vZCBzb2x1dGlvbiBjYW4gc29sdmUgaXQgaW4gdGhlIHNhbWUgbnVtYmVyIG9mIHR1cm5zCmV2ZXJ5IHRpbWUsIGFuZCBub3RoaW5nIGlzIGxlZnQgdXAgdG8gUk5Hc3VzLgoKSWYgeW91IHdhbnQgdG8gY3JhY2sgYWN0dWFsIHJhbmQoKSAtIGl0J3MganVzdCBhIGZldyBtaW5vciBhZGp1c3RtZW50cyB0byB0aGUKc2FtZSBhbGdvcml0aG0uIEkndmUgZGVjaWRlZCB0aGF0IHRoZSBjaGFsbGVuZ2UgaXMgY2xvc2UgZW5vdWdoIHRvIHN0aWxsIGJlCmp1c3QgYXMgZWR1Y2F0aW9uYWwgd2l0aG91dCB0aGUgdW5uZWVkZWQgY29pbiBmbGlwLiBUaGUgbWFpbiBwb2ludCBvZiB0aGlzCnNlcmllcyBpcyB0byBpbGx1c3RyYXRlIHRoZSB2dWxuZXJhYmlsaXRpZXMgb2YgbGluZWFyIFBSTkdzIGluIGEgc2F0aXNmeWluZyBhbmQKZW1wb3dlcmluZyB3YXksIGFuZCBrZWVwaW5nIHRoYXQgc2luZ2xlIGJpdCBvZiBwdXJlIGNoYW5jZSB3b3VsZCBiZSBsaWtlCmRlY29yYXRpbmcgYSBnb3JnZW91cyBjYWtlIHdpdGggYSBjaGVycnkgbWFkZSBvZiBzaGl0LiA8L3JhbnQ+Cgo=

Final note - read after finishing VGhhbmsgeW91IGZvciBwbGF5aW5nIFRIQVchIEkgaG9wZSB5b3UgaGFkIGFzIG11Y2ggZnVuIGFzIEkgZGlkIG1ha2luZyBpdCA8MwpJZiB5b3UgaGF2ZSBhbnkgZmVlZGJhY2sgb3Igb3RoZXIgdGhvdWdodHMgdG8gc2hhcmUgLSBjeWFuYnVuOTZAZ21haWwuY29tCiAgLUN5YW4KCmMyYjEzZTIzY2FiY2YwZTJhNzViZTI0MTU4NTFlMmQzCgo=

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Overview TGV2ZWwgNzcgLSBQbG90IFR3aXN0CgpEaWZmaWN1bHR5OgogIFJ1bGVzOiBbKiotXSAoNzc3IHdpbiBzdHJlYWssIDMwMDAwIHJvdW5kcykKICBTZWVkOiAgWFhYWFggKGdldGVudHJvcHkpCiAgUFJORzogIFsqKioqXShNVDE5OTM3KQo=

Description TWVyc2VubmUgVHdpc3RlciwgYWthIE1UMTk5MzcKRmlyc3Qgb2YgYWxsLCBvbmUgb2YgdGhlIGNvb2xlciBQUk5HIG5hbWVzLgpBbmQgdGhlIGNvb2xuZXNzIGRvZXNuJ3Qgc3RvcCB0aGVyZSEKSXQncyB1c2VkIGV2ZXJ5d2hlcmUgLSBQeXRob24ncyByYW5kb20sIGZvciBleGFtcGxlLgpBbmQgdGhlcmUncyBhIHJlYXNvbjogaXQncyBRdWl0ZSBHb29kIQo4LzEwIGFsZ28sIGxpa2UgaXQgYSBsb3QsIHdpbGwgdXNlIGFnYWluLgo=

Implementation details VGhpcyBjaGFsbGVuZ2UgaW1wbGVtZW50cyB0aGUgTVQxOTkzNyB2YXJpYW50IC0gdGhlIHN0YW5kYXJkLgpUaGUgb2JqZWN0IG5hbWVzIGhhdmUgYXJlIGV4cG9ydGVkIHNvIHRoZSB2YXJpYWJsZSBuYW1lcyB5b3UnbGwKc2VlIGluIHNvbWUgZGVjb21waWxlcnMgd2lsbCBiZSB0aGUgc2FtZSBhcyBpbiBtb3N0IHNvdXJjZXMuCg==

Intended approach V2hpbGUgbG9va2luZyBhdCB0aGUgc291cmNlIGNvZGUgd2FzIGtpbmRhIGltcGxpZWQgYXMgYW4gb3B0aW9uIGJlZm9yZSwgaXQncwptb3JlIG9yIGxlc3MgZXhwZWN0ZWQgaW4gdGhpcyBvbmUgLSAvY2hhbGxlbmdlLzc3LmMgd2FzIHdyaXR0ZW4gdG8gYmUgcmVhZC4KKHRoZSBvdGhlcnMgd2VyZSB3cml0dGVuIHRvIGp1c3Qgd29yayBsb2wpLiBTaW5jZSBtb3N0IGRlc2NyaXB0aW9ucyBkZWx2ZSBpbnRvCmRldGFpbHMgdGhhdCBhcmUgb3V0c2lkZSBvZiBvdXIgc2NvcGUgKGNyYWNraW5nKSwgdGhlIGNvZGUgaGFzIGJlZW4gc2ltcGxpZmllZAphbmQgY29tbWVudGVkIHJlbGF0aXZlbHkgdGhvcm91Z2hseS4KClRob3VnaCB0aGUgYWxnb3JpdGhtIGl0c2VsZiBtYXkgc2VlbSBpbnRpbWlkYXRpbmcgYXQgZmlyc3QsIHRoZSBhcHByb2FjaCBpcwp0aGUgc2FtZSBhcyBiZWZvcmUgLSByZWFkIHNvbWUgb3V0cHV0cywgZGVkdWNlIHRoZSBpbnRlcm5hbCBzdGF0ZSwgcHJlZGljdC4K

Hints VGhlIGJpZ2dlc3QgbmV3IHRoaW5nIHdlJ3JlIGludGVyZXN0ZWQgaW4gaXMgdGhlIHRlbXBlcmluZyBwcm9jZXNzLiBXaGlsZQp0cmlja3ksIGZ1bGwgInVudGVtcGVyaW5nIiBpcyB0b3RhbGx5IHBvc3NpYmxlIGFuZCB3aWxsIGFsbG93IHlvdSB0byByZWNvdmVyCnRoZSBudW1iZXIgdGhhdCdzIGRpcmVjdGx5IHdyaXR0ZW4gdG8gdGhlIHN0YXRlIGFycmF5LiBZb3Uga25vdyB3aGF0IHRvIGRvCmZyb20gdGhlcmUgOykK

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Overview TGV2ZWwgNzc3IC0gVGhlIERMQwoKRGlmZmljdWx0eToKICBSdWxlczogWyoqKl0gKDc3NyB3aW4gc3RyZWFrLCAxMDAwIHJvdW5kcykKICBTZWVkOiAgWFhYWFggKGdldGVudHJvcHkpCiAgUFJORzogIFsqKioqKl14b3Jvc2hpcm8xMjgrKQoK

Description WG9yb3NoaXJvIG9uZS10d28tZWlnaHQuLi4gUGx1cy4KbmdsIHRoZSBuYW1lIGlzIGhhbGYgdGhlIHJlYXNvbiBpIGNob3NlIGl0CnByb3BlciBmaW5hbCBib3NzIG5hbWUgcmlnaHQgdGhlcmUKMTAvMTAsIGJ1dCBvbmx5IGlmIHlvdSBwcm9ub3VuY2UgeG9ybyBhcyB6b3JvCkl0cyBuYW1lIGhhcyBhbiBhY3R1YWwgbWVhbmluZywgdG9vIQpYT1IgLSBST3RhdGUgLSBTSElmdCAtIFJPdGF0ZQpSb3RhdGUgb3BlcmF0aW9uIGlzIGFzIHNpbXBsZSBhcyB0aGUgb3RoZXIgdHdvClRoaW5rIHlvdSBjYW4gaGFuZGxlIHRoaXMgb25lPyB9OjMKCg==

Approach QWxyaWdodCwgdGhlIHByZXZpb3VzIHNlY3Rpb24ncyB0b25lIG1heSBzZWVtIGEgYml0IGRpc2luZ2VudW91cyBhZnRlciB5b3UgcHV0CnNvbWUgdGltZSBpbnRvIHNvbHZpbmcgdGhpcyBjaGFsbGVuZ2UuIFRoZSB0aGluZyBpcywgd2hpbGUgaXQgKmlzKiBkZWZpbml0ZWx5CnNvbHZhYmxlLCBpbiB0aGVvcnksIEkgaGF2ZW4ndCBmb3VuZCBhIGdvb2Qgd2F5IHRvIGRvIGl0LgoKV2hhdCdzIGEgZ29vZCB3YXk/IFRoZSBraW5kIHRoYXQgd2FzIGludGVuZGVkIGluIHRoZSBwcmV2aW91cyBjaGFsbHMuIFRha2luZwphcGFydCB0aGUgYWxnb3JpdGhtLCB1bmRlcnN0YW5kaW5nIGl0IHRob3JvdWdobHkgYW5kIGRldGVybWluaXN0aWNhbGx5IHNvbHZpbmcKdGhlIHRoaW5nIGxpa2UgYSBmYW5jeSBtYXRoIGVxdWF0aW9uLiBGb3IgdGhpcyBvbmUsIHVuZm9ydHVuYXRlbHksIEkgY291bGRuJ3QKZmluZCBhbnkgcHVibGljIHNvbHV0aW9ucyB0aGF0IHdvdWxkIHJldmVyc2UgaXQgdGhpcyB3YXkuIFRoZSBvbmx5IHJlbGF0aXZlbHkKcmVsaWFibGUgc29sdXRpb24gaW52b2x2ZXMgdXNpbmcgejMuCgp6MyBpcyBhIG1hZ2ljIHRvb2wgd2hlcmUgeW91IGNhbiBzdHVmZiBzb21lIG51bWJlcnMgYW5kIGl0IHdpbGwgZ2l2ZSB5b3UgdGhlCmFuc3dlci4gV2VsbCwgbWF5LiBBYm91dCA1MC81MCBjaGFuY2UgaW4gbXkgdGVzdHMuIFRoZSBleGFjdCBraW5kIG9mIG1hZ2ljIGl0CmVtcGxveXMgbWFrZXMgbWUgZmVlbCBkdW1iIGFuZCBpcyBhYnNvbHV0ZWx5IGJleW9uZCB0aGlzIG1vZHVsZSdzIGFscmVhZHkKc3RyZXRjaGVkIHNjb3BlLiBBbmQgZXZlbiB0aGVuIGl0IGNhbid0IGZpbmQgdGhlIHNvbHV0aW9uIHJlbGlhYmx5IQoKVGhlIHRoaW5nIGlzLCBhIGRldGVybWluaXN0aWMgc29sdXRpb24gKklTKiBwb3NzaWJsZSwgYW5kIGV2ZW4gaW5jcmVkaWJseSBlYXN5CnRvIGltcGxlbWVudCEgSnVzdCBicnV0ZWZvcmNlIHRoZSAxMjggYml0IHN0YXRlLi4uIGFpbnQgbm9ib2R5IGdvdCB0aW1lIGZvciBkYXQKCklmIHlvdSBkbyBzb2x2ZSB0aGlzIG9uZSwgdGFrZSBhIGxvb2sgYXQgdGhlIG5leHQgc2VjdGlvbi4KCg==

The True End TGV2ZWwgNzc3Nzc3NwoKRGlmZmljdWx0eToKICBSdWxlczogWyoqKioqKjc3NyB3aW4gc3RyZWFrLCAxMDAwIHJvdW5kcywgNzc3IHRpbWVzKQogIFNlZWQ6ICBYWFhYWCAoZ2V0ZW50cm9weSkKICBQUk5HOiAgWyoqKioqXXhvcm9zaGlybzEyOCspCgogIFRoZSBzdGF0ZSBtdXN0IHJlc2V0IGFmdGVyIGVhY2ggZnVsbCB3aW4gc3RyZWFrLgogIE9ubHkgYSBkZXRlcm1pbmlzdGljIHNvbHV0aW9uIHdpbGwgd29yay4KCiAgLUN5YW4KCg==

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

7-Day | 30-Day | All-Time

Rank Hacker Badges Score