Start interactive tutorial

← Back to Projects

Blue Code - Sabotaged Password Recovery

Difficulty

  • easy

Average duration

1 hrs

Technologies

Difficulty

  • easy

Average duration

1 hrs

Technologies

🌱 How to start this lab

An internal breach has compromised one of the system’s most sensitive scripts: password.py. This seemingly harmless file has been tampered with by an attacker aiming to sabotage the onboarding of new agents into the organization’s digital environment.

Your mission as a Blue Team analyst is to audit the script, revert the manipulations, and recover the original password that should have been generated. It’s not just about fixing bugs: you’ll need to reason precisely, spot subtle inconsistencies, and restore the system’s logic.

🌱 How to start this lab

👉 From this Blue Team section onwards, the first five challenges will require the use of a preconfigured virtual machine called web-threats-lab. In some cases, you’ll only use this machine to validate your solutions; in others, you’ll also work directly on it.

Therefore, while part of your analysis can be done on your personal computer, the final validation must always be performed inside the virtual machine. Please do not delete or overwrite it, as it will be your workstation throughout this series.

  1. If you don’t have the virtual machine yet, download it from this link:
We are sorry, you don't have enough privileges to access this block of content, please signup or upgrade your plan to access it.
1 https://storage.googleapis.com/cybersecurity-machines/web-threats-lab.ova
  1. Import the virtual machine into VirtualBox.
  2. Start the VM and log in as user student:4geeks-lab.

The sabotage

Here is the affected script:

1def generate_password(): 2 part1 = "Blu3" 3 4 segment_team = "Te4" 5 6 part3_char1 = "!" 7 part3_char2_source = "n" 8 part3_char3_source = "g" 9 10 segment_ing = part3_char1 + part3_char3_source + chr(ord('o') - 2) 11 12 final_password_string = part1 + part3_char2_source + segment_team + segment_ing 13 14 return final_password_string 15 16if __name__ == "__main__": 17 print(generate_password())

Validation inside the virtual machine

Once you believe you have fixed the script and obtained the expected password, you must validate it inside the web-threats-lab virtual machine. To do so, run the following command from the terminal:

1validate-bluecode

Just follow the instructions provided by the validator.

During your investigation, you might consider using:

  • Python 3.x – to debug and run the modified script
  • CyberChef or base64 – for decoding
  • VSCode or any text editor with syntax highlighting – for code inspection

💡 Hint The password generated by the script seems to have valid parts... but assembled incorrectly. Ask yourself:

Does it make sense for a lone "n" to appear between "Blu3" and "Te4"? Isn’t there a more coherent way to join these parts? Maybe the solution isn’t to invent anything new, but to organize what you already have in a more natural way.

Good luck, agent!

Sign up and get access to solution files and videos for free

We will use it to give you access to your account.
Already have an account? Login here.

By signing up, you agree to the Terms and conditions and Privacy policy.

Difficulty

  • easy

Average duration

1 hrs

Technologies

Difficulty

  • easy

Average duration

1 hrs

Technologies

Difficulty

  • easy

Average duration

1 hrs

Technologies

Difficulty

  • easy

Average duration

1 hrs

Technologies

Sign up and get access to solution files and videos for free

We will use it to give you access to your account.
Already have an account? Login here.

By signing up, you agree to the Terms and conditions and Privacy policy.

Difficulty

  • easy

Average duration

1 hrs

Technologies

Difficulty

  • easy

Average duration

1 hrs

Technologies