WHITEBOX ATTACKS Authentication Bypass

Anyone able to figure this one out and can give a hint? The path doesn’t seem to be magic hashes as I have tried all the sha256 magic hashes I could find.

Any one get anywhere with this? No idea how to solve this up to now…:weary::weary:

1 Like

Finally got it…A hint for anyone else coming across this is make sure you follow through and understand exactly what the source code is doing…

1 Like

When considering the problem with Krelkripto, it may be worth considering non-standard encryption methods or using other cryptography methods besides SHA256 hashing. Try to consider other encryption algorithms or cryptography approaches that could be used in this context.

1 Like

So it is more than just the hashing algorithms? I have tried all of the magic numbers from the provided github list and it doesnt yield any success. is there something else to add onto? not sure what is missing here.

I don’t understand what you are saying

Have you solved it?

Any more “hints”? I did read the code. Can’t get the gimmick. Is it in the password even?

After wasting almost a day i found that the solution is soo simple… no need for different algorithms etc… just dont assume that the username is admin…

1 Like

If you’re still stuck, then consider the array of possibilities that could get you pass the authentication :wink:

I have solved the exercise. For me the key to the exercise was to understand this piece of code from profile.php:

if(strpos($_SESSION['username'], 'admin') != false) {
    $content = get_admin_info();
   }

In short the strpos function checks if the word admin is included in the value of $_SESSION['username']. That means that if you provide a username with the value Hello_admin_64 you would get a true.

Looking at the rest of the code you can see that when you enter a non-existent username like Hello_admin_64 you get a null. I think this hint is more than enough to solve the exercise.