diff --git a/rapport.md b/rapport.md index 1fae446..1da12ad 100644 --- a/rapport.md +++ b/rapport.md @@ -47,7 +47,7 @@ You need to edit the following fields in the HTTP request before starting the at {"username":"", "data":""} ``` -6. Finally, we want to decrypt the passwords. After investigating the handlers.Login function in the binary, we understand that the encryption used is simple Caesar Code with an offset of 4. +6. Finally, we want to decrypt the passwords. After investigating the handlers.Login function in the binary, we understand that the encryption used is simple Caesar Code with an offset of 4. ![Cesar Function](images/cesar-function.png) ![Cesar Offset](/images/cesar-offset.png) Cesar code is a symetrical algorithm. That means we can easily decrypt the passwords using any [Cesar decryption tool](https://www.dcode.fr/chiffre-cesar). We should find the password we used on step 4 as well as any other password.