Category
Reversing
Description
My friend is developing a program which has a login functionality. I know it’s insecure but he isn’t listening. Can you help me prove the point by finding out his password from the program?
Solution
Attached to the challenge is a zip file containing a cs file.
using System;
namespace ReverseOne
{
class Program
{
static void Main(string[] args)
{
string[] passwd = new string[9];
// I've left the password scrambled so that I can easily remember it if I forget it
passwd[0] = "1";
passwd[9] = "r";
passwd[5] = "h";
passwd[1] = "3";
passwd[2] = "3";
passwd[4] = "_";
passwd[6] = "@";
passwd[3] = '7';
passwd[8] = "0";
passwd[7] = "x";
Console.WriteLine("Enter your username: ");
string usrName = Console.ReadLine();
Console.WriteLine("Enter the password for " + usrName) + ": ";
string password = Console.ReadLine();
if (password == string.Join("", passwd)) {
Console.WriteLine("Welcome " + usrName);
} else {
Console.WriteLine("Incorrect password");
Main();
}
}
}
}
Rearranging the array we get the flag ASV{1337_h@x0r}