Blue Code - Sabotaged Password Recovery

Blue Code - Access Recovery

This lab is designed to immerse you in critical Blue Team tasks, developing key skills such as:

• Code Analysis: Identify and understand potentially malicious or tampered scripts.
• Logical Debugging: Trace the execution flow to find non-obvious errors.
• Reversing Tampering: Fix the code to restore its expected functionality.
• Integrity Validation: Verify that your fixes work and produce the correct result.
• Using OSINT Tools: Get familiar with tools like CyberChef for data analysis.

💻 Minimum Technical Requirements

This lab is lightweight and easy to set up:

• Python 3: You’ll need Python 3.6 or higher installed on your operating system (Windows, macOS, or Linux).
• Internet Access: To use CyberChef, which is a web-based tool.

📝 Instructions

We have detected an internal intrusion in our network. An attacker has tampered with one of our vital authentication scripts, password.py, with the goal of preventing our new agents from obtaining the system access password. This is blocking the onboarding of critical personnel.

Your mission as a member of the Blue Team is as follows:

1. Audit the Tampered Code: Analyze the provided password.py script. The attacker introduced subtle logical errors so it does not generate the correct password.
2. Discover and Generate the Original Password: Your goal is to fix the password.py code so that, when executed, it prints exactly one password.

💡 Hint The password generated by the script seems to have valid parts... but they’re assembled incorrectly. Ask yourself:

Does it make sense for there to be a stray "n" between "Blu3" and "Te4"? Isn’t there a more coherent way to put those parts together? Maybe the solution isn’t to invent anything new, but to organize what you already have in a more natural way.

1. Undo the Sabotage: Fix the manipulations. Your goal is for the script to print a password possibly used by the original team, something that makes lexical sense.

2. Validate the Password: Once your password.py generates the correct password, you must run the validator.py script. Execute it and follow the instructions to enter the password you obtained.

3. Decode the Flag: If the password is correct, validator.py will provide you with a Base64-encoded string. You must take that string and decode it using CyberChef to recover the clean flag and complete the challenge.

Good luck, agent!