Python Scripting Modular Arithmetic - PicoCTF 2022 #02 basic-mod1
ฝัง
- เผยแพร่เมื่อ 13 ก.ย. 2024
- New MicroCenter customer? Get a free 128 GB USB & microSD! j-h.io/microce... // Check out what MicroCenter has to offer! j-h.io/microce... // Build a new workstation or server with MicroCenter! j-h.io/microce...
Help the channel grow with a Like, Comment, & Subscribe!
❤️ Support ➡ j-h.io/patreon ↔ j-h.io/paypal ↔ j-h.io/buymeac...
Check out the affiliates below for more free or discounted learning!
🖥️ Zero-Point Security ➡ Certified Red Team Operator j-h.io/crto
💻Zero-Point Security ➡ C2 Development with C# j-h.io/c2dev
👨🏻💻7aSecurity ➡ Hacking Courses & Pentesting j-h.io/7asecurity
📗Humble Bundle ➡ j-h.io/humbleb...
🐶Snyk ➡ j-h.io/snyk
🌎Follow me! ➡ j-h.io/discord ↔ j-h.io/twitter ↔ j-h.io/linkedin ↔ j-h.io/instagram ↔ j-h.io/tiktok
📧Contact me! (I may be very slow to respond or completely unable to)
🤝Sponsorship Inquiries ➡ j-h.io/sponsor...
🚩 CTF Hosting Requests ➡ j-h.io/ctf
🎤 Speaking Requests ➡ j-h.io/speaking
💥 Malware Submission ➡ j-h.io/malware
❓ Everything Else ➡ j-h.io/etc
♥ Huge thanks to MicroCenter for sponsoring this video! ♥ New MicroCenter customer? Get a free 128 GB USB & microSD! j-h.io/microcenter-new // Check out what MicroCenter has to offer! j-h.io/microcenter // Build a new workstation or server with MicroCenter! j-h.io/microcenter-builder
Alright thanks
Hey John. I’ve been following you for over a year now. It’s crazy that I remember watching your videos and being bombarded with knowledge. So much I didn’t understand or never considered.
Now, moving forward to today, I was able to switch careers and get a pentesting job, and I’ve grown so much. And now that I’m watching your video on picoCTF I’m thinking: “man, that’s such a basic/easy challenge”. I almost can’t believe these types of challenges would take me forever a year ago and I had to look up writeups constantly.
My point is, I wanna thank you for taking the time and go over the details in these beginner-friendly videos. Things like explaining what “ls” is doing or the difference between “int” and “str”. That’s gold for those who are beginning. I can see how much I’ve grown professionally and I’m certain this will also be of help to so many students out there.
You rock!
Dang how’d you get a pen test job in a year from 0
@@1ronman1 right? Unless he did some really intense 24/7 cybersecurity bootcamp or has some magic secret to absorbing all that information in such a short time bc im 4 years in and im still overwhelmed with how much i still dont know
The fact that you explain all your keyboard shortcuts is worth its weight in gold.
I love how you say out loud what you're thinking, showing a basic way and then simplify/optimize the code.
Thanks a lot for publishing all these PicoCTF videos.
Avoid ifs if you can. Strings are char arrays, so create a string of all the characters you want to map. Use its index to look up the value.
Table = "ABCD ... _"
encodedvalue = table[value % 36]
I have never 110% understood a Python video in my life before until now, Everything made so much sense and was beautifully explained (I'm a noob btw) I would absolutely love to see more Python videos with these explanations in the future
Keep grinding
Been loving this series. Keep it up man!
curly braces with mv command 😮 learn something new every day 👌
Josh, you content is so good.. such a pitty that I'm not studying for security jobs. I wish I knew someone in devops world with a quality of content like yours
That f-string didn't work because the inner string quotations you used for the join ("".join()) is the same as the outer f-string quotations. If you had written down f'picoCTF{{{"".join(flag)}}}' it would've worked
I was about to say that. Single quotes work as well as double quotes. In sublime the colour changes too.
You took the words right out of my fingers :)
Using 3 curly brackets is the key here. I did it a little differently:
3 x { }
flag = ''.join(map(str, alpha_num_list))
print(f'picoCTF{{{flag}}}')
returns:
picoCTF{R0UND_N_R0UND_B6B25531}
2 x { }
flag = ''.join(map(str, alpha_num_list))
print(f'picoCTF{{flag}}')
returns:
picoCTF{flag}
Thank you for teaching these things, it really helpful for beginners!
Thanks for explaining the python code for the non programmers! Appreciate it.
I wish I had 10% of your capacity of explaining the technical concepts so clear
You're an amazing teacher!
Great series! I am attempting each challenge myself first and then coming here to watch the video on it. Love the outro music as well.
Why not add string.ascii_uppercase + string.digits + ‘_’ use that as your map and get rid of the if then else otherwise
Thank you for explaining all of this in such detail! Really interesting as always :)
I cannot thank you enough for explaining the little things. For once I'm really understanding the material.
Libraries to the rescue again! I tried to use this whole fancy match-case thing that came with python 3.10, but apparently I need to read up more on the syntax. Yours is way cleaner, and better! Thanks for the lesson once again John, these are *GREAT!*
Great video John, I love the way you show everything and make it easy to digest.
Hey John, really not trying to be that guy who comments how things could be done better, just want to point out you could use += sign to concatenate string to the variable rather than using list and join method :) Keep up an amazing work, as always!! :)
From what I understand the list and join method to concatenate strings is significantly faster and more performant than just slapping strings together with +=... but I could be wrong! :)
@@_JohnHammond Hm, interesting, good to know.. Intuitively it sounds like doing it in constant time should be more efficient than traversing the list to join elements ( which is O(n)), but there certainly may be something I'm missing, and, to your point, since I don't know it for a fact, I might be way off as well :D
Thanks for the clear step by step breakdown with the code, that is very helpful.
Really liked the extensive explanation of basics
I find it's often simpler to define a string with the character set like CHAR_MAP = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_".
Then, mapping a single `val` becomes as simple as CHAR_MAP[int(val) % len(CHAR_MAP)].
- I use len(CHAR_MAP) here because this makes things easier if we ever wanted to extend our character set.
Amen, brother! The ascii route seemed overly complex.
Love this tutorial. Thanks John . Grad to find your youtube channel.
13:10 seems like I learned something today. Never knew such for statements were a thing.
Awesome! Thanks for the vid, John, looking forward to more CTF content!
Great one, keep these capture the flag videos coming
Felt like a Python Class
Loved it !!
cool way to convert a string array to an int array
int_array = list(map(int, string_array))
you can also omit list() if you're not planning on grabbing a specific value from the array
Wow !!!
I didnt thought that python would help us in our ctf challenges . thanks a lot sir for bring such a QUALITY Content ❤️❤️❤️😌
Nice one, simple but nice
It would probably be too high of a python level for the intended audience, but I would have started building a combined string of string.ascii_uppercase + ascii.digits + '_',, and then generated the characters in a single instruction inside the list comprehension
translate = string.ascii_uppercase + string.digits + '_' # Todo: Find better name for this ;-)
# (...) Read file into variable named content
characters = [translate[int(x) % 37] for x in content.split()]
Now all that is left to do is join the items of the list "characters" into the flag string.
The benefit is that we don't need to go through the if/else statements and we don't need to worry about getting the index straight for the digits.
I was thinking the same thing. It greatly decreases the amount of lines needed and is easier to read IMO.
@@vHawkeyev Absolutely! But like I said, maybe he wanted to keep things simpler for people with less programming experience. (In which case I would have not used list comprehension at all, as this takes a moment to get your head wrapped around. At least it did for me, despite having a ton of experience programming in many different languages before learning Python.)
your programming skills are amazing....anyways thnx for the video
Thank you John
Simple but well done, great explanations as usual, as a side-note, the string.digits is unnecessary since all the (values -26) are already exactly the digits you are indexing, as an example: string.digits[0] = 0, could have simply used the indexing-variable but keep up the great content!!
You’re thinking in same way. str = “abcdef” str[n]
Thank you John, still hope on a python course of you
Yeah I gotta work on my python you did steps that made me think I was doing it the hard way. My reality atm lol thanks for that walk through.
I really need to start learning and incorporating modules from the Python Standard Library in my scripts.
great teaching in python3.
John, Can you do a python only course? I learnt more in this video than I ever did trying to follow other python vids
that's a nice idea.....yes john we need a python only course from you!
John more such videos. Super cool.👍👍👍👍👍👍👍👍👍
love the python tutorial real world use here on ctf hope to see more of that , thanks for all the vids your , awesome at teaching, ps what video is it you install subl in kali?
Awesome content again... Really enjoy the python 101 tutorial. xD
with open("message.txt") as file_object:
contents = file_object.read()
numbers = [ int(val) for val in contents.split() ]
for number in numbers:
modulus = number % 37
if modulus in range(26):
flag.append(string.ascii_uppercase[modulus])
elif modulus in range(26,36):
flag.append(string.digits[modulus-26])
else:
flag.append("_")
I’m learning python and I can bet if you start doing python challenges videos, you’ll have a developer fan base along with cyber geeks
Yes!
Keep going god job !
Thanks for the video
ALRIGHT!!!!
Great video
Keep it up
Mr. Hammond. Can you share your bash command prompt setup? Loving it.
I love it. Thank you so much
Cool
John, here when if statement is true, why it’s showing the else statement output here? I’m learning python and cannot find a better teacher than you
For the TH-cam algo❤️
Having literally just done this challenge yesterday this made me feel dumb 😅
would have concat the alpha chars + digits + "_" all into one string then take the index of taht long look up string directly without having to deal with all of the offsets.
Great video. F string doesn’t work because you’re put three pairs of curly braces instead of two.
i knew all that mirc scripting would pay off with something i actually want to learn again......
Geat👍!
what does the flag.append(string.digits[modulus-26]) mean
thx!
What terminal is that?? I love the color changes and layout, tried setting it up with zsh and p10k but it doesn't look nearly that good
Are you doing writeups for all of them?
You should throw together a Udemy course John, you would make a killing bro
I watched the ad and bought 10 computers
The moment i got the error on 20:44 i would have just generated a list from 26- whatever I wanted to use it to index with😂
Alright!
elif = else if
Bro do buffer overflow 3, and flag leak from picoctf 2022
2:43
+
This was definitely cryptography - maybe because it was so simple and most of the video was actually spent teaching python it didnt feel like it, but you decrypted a substitute cypher with a known key.
Yt algo
You're an awesome teacher!
Great videos
great video thanks