Rating:
# EASYCTF - Little Language
> I want root access to this special programming portal, and this file is my only clue.
> Maybe the password is inside? Even if it is, I'm not sure how to enter it.
> nc c1.easyctf.com 12480
> Oh! Almost forgot... this might help.
For this challenge, we've been given an image: encrypted.png.
The instructions say that the password might be in it...
When using strings on the picture, we get the following text:
note: the password is `l7&4C&Cg`
Also on the picture, we can see a pseudo mathematical expression with the followings:
* FLAG
* E(username) = root
* E(password) = REDACTED
In the instructions, we can find a link to a page with the following expression written on it:
`S : E { ExpS $1 }
| global var '=' E { GlobalVarS $2 $4 } `
Seems like a parsing expression grammar...
Finally, the goal of this challenge was to connect to a server and get the flag.
When connecting to the server, it says : commands begin with ":" (try :help)
:help give us a little help saying that :
* `:help` show this message
* `:end` stop current multi-line parse
* `:q` exit
* note: certain language features only available to root users
The goal is clear : we have to login with username `root` and password `l7&4C&Cg`
First, we can try a simple 1 + 1 which give us the output 2.
Good news ! Our expression is interpreted.
Then if we try username = `root`, we get the following message : Could not evaluate statement or expression to a value.
So let's try global username = `root` !
Then entering username give us the output : `root`
It works the same with : global password = `l7&4C&Cg`
So we can try to print the flag with the command : flag.
Unfortunately it gives us the previous error message.
But if we try again username = `root`, instead of an error message, we get a `Yas` !
Let's try with password = `l7&4C&Cg` : and again we get a `Yas` !
Finally we just need to enter the command : `flag` to print the flag.
