[ Home ] [ Writeups ] [ Articles ] [ Cheatsheets ] [ CVE ] [ EOF ]


.:: Minecraft Password Manager - ?CTF 2019 ::.
Title : Minecraft Password Manager - ?CTF 2019
Author : Cabir  
Date : Sunday, Aug 25, 2019
Modified : Sunday, Aug 25, 2019
Reading time: 0 minutes and 45 seconds.

.: DESCRIPTION :.

My friend stores his passwords in Minecraft worlds, and while he was distracted, I grabbed one of them. However, the password is encrypted. Could you help me get his password?


-=[Uncipher a XOR with bruteforce in a Minecraft game]=-

Step 1 : Discover

Download the file then use TLauncher on Linux (Minecrat Launcher). Drop the file in the save folder of the launcher. Then load the map. Let’s look at the map.

We got informations from the map creator.

The map is in 4 part: - The hall - The Logic Box - The Cipher - The key

Step 2 : Exploit

We analyzed the logic box with a redstone torch to understand its function, and we concluded that it was an XOR.

We choose the start offset of the key by pressing the button at the input. Then bit by bit, we decode the cipher (knowing that there are 11 possibilities.)

We copy the cipher and the key by hand into a text file.

Cipher: 111100000001111010101111001111101011000001010100010101100100001011010110111111111100000110100010000101001111100100000110101100110000100100010101011100111101001010101101110111101010010100001111101011100111101001010101101110111101010010100001111

Key: 1001011001 The key is 11 bits, so knowing that you had to choose the correct starting offset, on 11 bits, you can bruteforce by hand. # Etape 3 : Solve To decode the XOR : Xor Decryption

.: FLAG :.

FLAG{M1N3CR4F7_XOR_71M3}

[ Home ] [ Writeups ] [ Articles ] [ Cheatsheets ] [ CVE ] [ EOF ]