Hints and Tips for PythonChallenge level 6

This is a page of hints for the Pythonchallenge.com level 6 challenge

It does not contain the answer so you can use as many hints as you want but still have to put everything together yourself to complete it

Note: A lot of these challenges have multiple different ways of solving them, the hints here might not match to what you have found already.

Expand for hint 1

The picture is a clue to a filetype which contains the challenge.

Expand for hint 2

The Paypal link isn’t a trick, it has nothing to do with the challenge.

Expand for hint 3

Can you use code from a similar challenge to automatically navigate these?

Expand for hint 4

Check out the comments in each of the files.

Expand for hint 5

Can you collect the data from the comments in the correct order and map it?

Expand for hint 6

All the comments in the correct order should show a word

Advertisement

Hints and Tips for PythonChallenge level 5

This is a page of hints for the Pythonchallenge.com level 5 challenge

It does not contain the answer so you can use as many hints as you want but still have to put everything together yourself to complete it

Note: A lot of these challenges have multiple different ways of solving them, the hints here might not match to what you have found already.

Expand for hint 1

Browse the source code for files you can download

Expand for hint 2

Say the challenge name out loud, does it sound like any python libraries?

Expand for hint 3

Think of small preserved cucumbers

Expand for hint 4

The 2nd part involves organising the test

Expand for hint 5

The organised text should spell out a word

Spotting mobile passcodes/patterns from a distance

 

A quick warning to anyone who has a very simple passcode to their phone, you never know when you’re being recorded on camera or being watched across the room, if your passcode to get into your phone doesn’t involve your hand moving around to different keys too much its likely very simple for someone to guess your code. Someone entering the code 123456789 will be obvious to spot by the hand movement, as will someone using a passcode with only 1 digit repeated

As seen here with Lance Gooden unlocking his phone whilst being recorded. even though we can’t see the mobile phone screen it’s fairly obvious what the passcode is:

 

The same applies for unlock patterns which are a simple L or backwards L shape.

In Lances defence this could be a burner phone which only has a Whatsapp chat with the family, or he’s actually far smarter than he appears and has temporarily changed his code for the day if he knew he was going to be recorded. but it does highlight that if you are using a passcode/pattern as your only method of authentication to get into your phone you should try to use different characters as much as possible.

Cracking open recursively nested zip files

Here is a script courtesy of adithyaxx which helped me out recently.

I had a zip file containing hundreds of other zip files all contained within each other. The password for each file was it’s name. Manually typing in each password would have taken far too long, this little script helped automate the process.

	#!/usr/bin/env bash
	while [ -e *.zip ]; do
	files=*.zip;
	for file in $files; do
	echo -n "Cracking ${file}… ";
	output="$(fcrackzip -u -l 1-6 -c '1' *.zip | tr -d '\n')";
	password="${output/PASSWORD FOUND\!\!\!\!: pw == /}";
	if [ -z "${password}" ]; then
	echo "Failed to find password";
	break 2;
	fi;
	echo "Found password: \`${password}\`";
	unzip -q -P "${password}" "$file";
	rm "${file}";
	done;
	done;

view raw

recursive_unzip.sh

hosted with ❤ by GitHub

https://gist.github.com/adithyaxx/7dda95fbf2fde57d95db03cdfdd5516d.js

It opens up the zip file, reads the file name and truncates the .zip part, then uses the remaining that as a variable for the next password attempt and keeps going until it fails. The useful thing is that is prints out the attempts as it goes along in case there are any hidden patterns in the passwords names you need to pick up on:

It runs through about 2-3 unzips every second so a 500 file recursive zip file would take 5-10 minutes to get to the end of, compared with a few hours of working by hand.

Solving crypto puzzles with dcode.fr

If anyone is starting out with crypto security puzzles on sites like hack the box or diving into the world of encryption there’s a site worth taking a look at before you ever need it:

http://www.dcode.fr/en

Don’t be put off that it’s a french site, the link above takes you to the English translated version.

The site holds tools for decoding/encoding practically every type of encryption you will come across in all but the more advanced challenges. Instead of having to write your own tools for a variety of possible ciphers you think the puzzle uses you can stick your text in a bunch of possible decoders on this site and see what comes back with something sensible looking. It’s many times quicker than doing it manually or trying to search for a reliable tool.

All the encoding/decoding happens in the browser so you don’t need to wait for downloads. It’s quick and free. The list of tools it has is massive but some of the ones I’ve used to solve puzzles online are:

• https://www.dcode.fr/md5-hash
• https://www.dcode.fr/sha256-hash
• https://www.dcode.fr/differences-2-texts
• https://www.dcode.fr/caesar-cipher
• https://www.dcode.fr/rot-cipher

Even if you don’t know which Cipher you need for a challenge you can have a browse around this site and get some inspiration for possible cipher methods in a specific category.

As an example of how useful the site is here’s a basic rot cipher code where the letters have been shifted forward in the alphabet, the problem is you don’t know by how many places. Instead of running a rot decoder 26x the site has a brute force feature which will do it all at once for you:

Aopz dlizpal pz clyf bzlmbs

From that list we can clearly see that the code is shifted 7x and the decoded text is given to us.

 

Review of Udemy course –AZ-300 Azure Architecture Technologies Certification Exam

Overview

I recently passed the AZ-300 and wanted to review some of the material I used to pass it in case anyone else is thinking of taking it and wants some advice on how to prepare.

This AZ-300 course from Scott Duffy is aimed at people wishing to take the Azure technologies exam from Microsoft, the exam itself covers a lot of high level concepts within the Azure system and aims to certify that you understand a wide variety of concepts within Azure at an architect level.

The syllabus is very broad and covers topics from networking, scaling up and out automatically, Security, Migration, Web apps and anything else you’d  expect a consultant to be able to advise on if you were planning on moving to Azure.

Pros

• The course consists of lots of videos split into neat sections covering the entire AZ-300 syllabus
• The videos are high quality, clearly explaining what Scott is talking about
• The audio quality is very high
• Scott has clearly been using Azure for years and you get the impression he is talking about a lot of the topics from experience and not just documentation.

Cons

• This course is nowhere near enough by itself to pass the AZ-300, the exam is very in depth and asks some awkward questions which this course does not prepare you for
• The video course is only 10.5 hours, I suspect most people will be putting in 50+ hours of prep in order to pass the exam
• There is a lack of practical lesson which would help put the course topics into practise.

Verdict

Nobody is going to be passing the exam using just this study guide by itself. As you will need to buy other materials I can’t justify recommending this video series. Instead you should take a look and find a larger and more in depth course which provides lessons/labs to go alongside the theory. It is too easy to halfheartedly nod along to these video lessons without any of the knowledge sinking in.

The course content itself is well made, there just isn’t enough of it to make it worth while. The scenarios that would justify getting this course would be if you already have bought and used a larger 30-40 hour course and want to go over the topics again from a different perspective or if you are not interested in sitting the exam but just want to see what Azure has to offer as an alternative to AWS or on premise solutions.

Buy a larger course first, then some practise labs, then one or two sets of practise exam questions, and if you still need something extra to study after that then this course is the right thing to get.

Hints and Tips for PythonChallenge level 4

This is a page of hints for the Pythonchallenge.com level 4 challenge

It does not contain the answer so you can use as many hints as you want but still have to put everything together yourself to complete it

Note: A lot of these challenges have multiple different ways of solving them, the hints here might not match to what you have found already.

Expand for hint 1

Do not try to manually follow the numbers, there are 100’s

Expand for hint 2

Does Python have a library for reading the content of webpages?

Expand for hint 3

Try Beautiful soup

Expand for hint 4

Can you generate a new url based on what Beautiful soup finds?

Expand for hint 5

Not all the numbers are the same length

Expand for hint 6

The last page doesn’t have anymore numbers

Hints and Tips for PythonChallenge level 3

This is a page of hints for the Pythonchallenge.com level 3 challenge

It does not contain the answer so you can use as many hints as you want but still have to put everything together yourself to complete it

Note: A lot of these challenges have multiple different ways of solving them, the hints here might not match to what you have found already.

Expand for hint 1

Anything interesting in the source code?

Expand for hint 2

3 big bodyguards? what could that mean?

Expand for hint 3

Can you open the text in python like in challenge 2?

Expand for hint 4

Can Python search for patterns in text?

Expand for hint 5

Maybe Regex can help?

Expand for hint 6

Exactly 3 bodyguards, not more.

Hints and Tips for PythonChallenge level 2

This is a page of hints for the Pythonchallenge.com level 2 challenge

It does not contain the answer so you can use as many hints as you want but still have to put everything together yourself to complete it

Note: A lot of these challenges have multiple different ways of solving them, the hints here might not match to what you have found already.

Expand for hint 1

Are all the clues visible on the page?

Expand for hint 2

Maybe there’s something hidden in the source code?

Expand for hint 3

Are all the characters the same? do some of them repeat? are any unique?

Expand for hint 4

Can Python open text files and read them?

Expand for hint 5

Can you automatically remove duplicate characters?

Expand for hint 6

Have you come across the replace method before?

Hints and Tips for PythonChallenge level 1

This is a page of hints for the Pythonchallenge.com level 1 challenge

It does not contain the answer so you can use as many hints as you want but still have to put everything together yourself to complete it

Note: A lot of these challenges have multiple different ways of solving them, the hints here might not match to what you have found already.

<details><summary>Expand for hint 1</summary>If A=B, and B=C, what does C=?

</details><details><summary>Expand for hint 2</summary>if A=C, and B=D, what does C=?

</details><details><summary>Expand for hint 3</summary>Did Caeser ever invent a cipher?

</details><details><summary>Expand for hint 4</summary>Any interesting words in the page title?

</details><details><summary>Expand for hint 5</summary>What can you do with the maketrans() python method?

</details><details><summary>Expand for hint 6</summary>Once you have translated the text, try editing the URL again