Hackvent 2019: Day 4

Hackvent 2019590

Challenge

HV19.04 password policy circumvention

Santa released a new password policy (more than 40 characters, upper, lower, digit, special).

The elves can't remember such long passwords, so they found a way to continue to use their old (bad) password:

merry christmas geeks

File mirror: HV19-Day4-PPC.zip

Solution

We download this zip file and extract it to find a HV19-PPC.ahk file. We know that ahk files are AutoHotKey files. Upon inspecting the ahk file we find that this is in fact the case.

The script seems to move the cursor around and type text when certain characters are typed in.
As the script and hint suggests, we have to type in merry christmas geeks letter by letter and let the script mutate the string.

Doing so gives us our flag!

Flag:

HV19{R3memb3r, rem3mber - the 24th 0f December}

Leave a comment

(required)(will not be published)(required)

Comments

There are no comments yet. Be the first to add one!