Finding Flags [2 pts]

The Solution is shared considering CAN I SHARE MY SOLUTIONS? Problem Each challenge is designed to help introduce you to a new piece of cryptography. Solving a challenge will require you to find a “flag”. These flags will usually be in the format crypto{y0ur_f1rst_fl4g}. The flag format helps you verify that you found the correct solution. Try submitting this into the form below to solve your first challenge....

1 min · Aditya Telange

Great Snakes [3 pts]

The Solution is shared considering CAN I SHARE MY SOLUTIONS? Problem Modern cryptography involves code, and code involves coding. CryptoHack provides a good opportunity to sharpen your skills. Of all modern programming languages, Python 3 stands out as ideal for quickly writing cryptographic scripts and attacks. For more information about why we think Python is so great for this, please see the FAQ. Run the attached Python script and it will output your flag....

1 min · Aditya Telange

JWT Sessions [10 pts]

The Solution is shared considering CAN I SHARE MY SOLUTIONS? Problem The traditional way to store sessions is with session ID cookies. After you login to a website, a session object is created for you on the backend (the server), and your browser (the client) is given a cookie which identifies that object. As you make requests to the site, your browser automatically sends the session ID cookie to the backend server, which uses that ID to find your session in its own memory and thus authorise you to perform actions....

2 min · Aditya Telange

Network Attacks [5 pts]

The Solution is shared considering CAN I SHARE MY SOLUTIONS? Problem Several of the challenges are dynamic and require you to talk to our challenge servers over the network. This allows you to perform man-in-the-middle attacks on people trying to communicate, or directly attack a vulnerable service. To keep things consistent, our interactive servers always send and receive JSON objects. Python makes such network communication easy with the telnetlib module....

1 min · Aditya Telange

Token Appreciation [5 pts]

The Solution is shared considering CAN I SHARE MY SOLUTIONS? Problem JavaScript Object Signing and Encryption (JOSE) is a framework specifying ways to securely transmit information on the internet. It’s most well-known for JSON Web Tokens (JWTs), which are used to authorise yourself on a website or application. JWTs typically do this by storing your “login session” in your browser after you have authenticated yourself by entering your username and password....

2 min · Aditya Telange