We will exploit the fact that numpy's array class is int64. So, what we're gonna do is basically generate random passwords, with digits, lowercase and uppercase letters and hope that one of these passwords have both sum and product (overflowed) prime.
For this, we need password with three restrictions:
I guess the last criteria is luck. I managed to brute force this quite quickly. Also note that int64 on Linux and Windows are different for numpy for some reason.
(Dumb) Python script:
xxxxxxxxxxfrom Crypto.Util.number import isPrimeimport numpy as np import refrom pwn import * import json
def check(password): if not re.fullmatch(r"\w*", password, flags=re.ASCII): return "Password contains invalid characters." if not re.search(r"\d", password): return "Password should have at least one digit." if not re.search(r"[A-Z]", password): return "Password should have at least one upper case letter." if not re.search(r"[a-z]", password): return "Password should have at least one lower case letter."
array = np.array(list(map(ord, password))) if isPrime(int(array.sum())) and isPrime(int(array.prod())): return "lmao" else: return f"Wrong password, sum was {array.sum()} and product was {array.prod()}"
for i in range(500): test = "1aA" + 'a' * i
if check(test) == "lmao": io = remote('socket.cryptohack.org', 13400) io.recvline()
to_send = dict() to_send['password'] = test io.sendline(json.dumps(to_send).encode()) io.interactive() break