✅ Email copied!

1. Caesar Salad

zhofrph wr OhaPDFV! krsh brx zloo ohduq pdqb frro qhz wklqjv! wkh iodj lv z3Of0ph_wr_O3ap4fv

Resources + Hints

Hint: Have you heard of ciphers?

2. among us

Hqfr gn DejANIM, oe xcik waptsey ufd mabta ms. Fvr lfsg ug nsifgggiolms

Resources + Hints

Hint: More ciphers exist than just Caesar's Cipher.

3. kirby


Resources + Hints

Hint: We can also hide information in images. This is called STEGANOGRAPHY

4a. Don't Trust the Client!

Resources + Hints

Hint: What is the client versus the server?

Using the browser dev tools, you can inspect the page source and scripts that run when certain events occur (like when a user submits a form). Unfortunately, you cannot inspect or use the dev tools on chromebook, so we've provided the relevant source code below:

const ADMIN_USERNAME = "admin1234";
let PASSWORD = "welcome_" + "T0" + "_LexMACS"

function checkInput() {
  // Get the value of the input
  const username = document.getElementById("username").value;
  const password = document.getElementById("password").value;
  // Check if the given credentials are correct
  if (username === ADMIN_USERNAME && password === PASSWORD) {
    alert("Login successful! Here is the flag{redacted}");
  } else {
    alert("Invalid credentials!");

4b. More than 1 password works?!

Resources + Hints

Hints: Regex looks like gibberish.

Below is the source code for this login system. Exploit it!

function matchesPattern(str) {
  const pattern = /^\d{2}[a-z]{2}\d{2}codetiger$/;
  return pattern.test(str);

function checkPassword() {
  const password = document.getElementById('password').value;

  if (matchesPattern(password)) {
    alert("logged in successfully! SOLVED")
  } else {

5. pythons are difficult

def str_xor(secret, key):
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)
    return "".join([chr(ord(secret_c) ^ ord(new_Key_c)) for (scret_c,new_kEy_c) in zip(secret,new_key)])

  flag_enc = chr(0x0E)+chr(0x5F)+chr(0x11)+chr(0x4E)+chr(0x06)+chr(0x10)+chr(0x4F)+chr(0x46)

flag = str_xor(key='encoding')

    if flag is "":
  prnt('??? uhhhh bruh lol')
  print('wow!!!! you got the flag!!! i wonder what it is?? ' + flag)

Resources + Hints

Hint: Do you know Python? How do you debug an error message?

6. SQLi

import { Database } from 'bun:sqlite';
import express, { Request, Response } from 'express';

const app = express();
const PORT = 5000;

const http = require('http').createServer(app);

const db = new Database('db.sqlite', { readonly: true });

// db.query('create table IF NOT EXISTS users(username VARCHAR(128) PRIMARY KEY, password VARCHAR(128));').run();
// db.query("INSERT into users (username, password) values ('admin', 'REDACTED');").run();

app.get('/', (req: Request, res: Response) => {
    res.send('hello world');

app.get('/password', (req: Request, res: Response) => {
    const { username, password } = req.query;
    console.log(username, password);

    try {
        let result = db.query(`SELECT * from users where username='${username}' AND password='${password}'`).values();

        if (result.length == 1) {
            return res.json({ success: true });
    } catch (err) {

    res.json({ success: false });

http.listen(PORT, () => {
    console.log('listening at http://localhost:' + PORT);

Resources + Hints

Hint: This is a common basic web app exploitation. Look up SQLi and read about basic ways to exploit it.

7. ice cream

Alice <33
Heyyy Bob! We're getting ice cream at Abbott's today, right?
ice cream
Alice <33
You can pick me up at my dorm. My key is (7663, 17). Don't worry about the image, that's the least significant bit of the entire message.

Resources + Hints

Hint: Ron Rivest, Adi Shamir and Leonard Adleman