Guess password easy Google beginner's quest CTF 2026 write up
Source: Dev.to
Overview
The first CTF of the beginner’s quest series is Guess password Easy, a crypto‑category challenge with the description: “You will never guess my password, even if I give you the first 5 letters!”
The challenge provides a snippet of the server’s source code and a network service to connect to.
Challenge Details
Connecting to the service shows:
```
$ nc guess-password-easy.2025-bq.ctfcompetition.com 1337
== proof-of-work: disabled ==
Password is mnyko...............
Your guess:
```
The server prints the first five characters of a randomly generated 20‑character password and then waits for a full guess.
Source Code Analysis
Key parts of the provided source:
```cpp
// Lines 14‑21
string generateRandomPassword()
{
    string res(20, '.');
    for (int i = 0; i
```
```cpp
#include
#include
#include
std::string generateRandomPassword()
{
    std::string res(20, '.');
    for (int i = 0; i
```
**Note:** `srand` behaves differently across operating systems. To reproduce the exact passwords generated by the challenge, compile and run the program on a Linux system.
### Running the attack
```bash
$ g++ main.cpp -o seed_bruteforce
$ ./seed_bruteforce
$ less output.txt # search for the displayed prefix, e.g. /ftbrh
```
The search reveals the full password that matches the shown prefix.
Solving the Challenge
When the server displayed:
```
Password is ftbrh......
Your guess:
```
the brute‑force script found the corresponding full password:
```
ftbrhpjdhohfnmqqaddv
```
Submitting this guess to the service yields the flag:
```
$ nc guess-password-easy.2025-bq.ctfcompetition.com 1337
== proof-of-work: disabled ==
Password is ftbrh......
Your guess: ftbrhpjdhohfnmqqaddv
CTF{flag}
```

Conclusion
By exploiting the predictable srand(time(0)) seed, we reduced the problem to a small time‑window brute‑force search. The approach works for any similar challenge where a password is derived from a time‑seeded PRNG and a partial prefix is disclosed.
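The weakness summarized above, next to a corrected generator, as an added example (not the challenge's source and not the author's script). The letter mapping `'a' + rand() % 26`, the function names and the 300-second window are assumptions, since the loop body is cut off on this page.

```cpp
#include <cstdlib>
#include <ctime>
#include <iostream>
#include <random>
#include <string>
#include <vector>

// ASSUMPTION: the challenge's loop body is truncated on the page; a lowercase
// mapping of 'a' + rand() % 26 is assumed here for illustration.
std::string weakPassword(unsigned seed) {
    std::srand(seed);                      // all 20 letters follow from this one value
    std::string res(20, '.');
    for (int i = 0; i < 20; i++) res[i] = static_cast<char>('a' + std::rand() % 26);
    return res;
}

// Every password generated from a seed in [from, to] that starts with the
// disclosed prefix. The work is one try per second of clock uncertainty.
std::vector<std::string> candidatesForPrefix(const std::string& prefix,
                                             unsigned from, unsigned to) {
    std::vector<std::string> hits;
    for (unsigned s = from; s <= to; s++) {
        std::string pw = weakPassword(s);
        if (pw.compare(0, prefix.size(), prefix) == 0) hits.push_back(pw);
    }
    return hits;
}

// Corrected form: each letter comes from std::random_device (the OS random
// source on Linux), so there is no timestamp seed to enumerate.
std::string strongPassword() {
    std::random_device rd;
    std::uniform_int_distribution<int> letter(0, 25);
    std::string res(20, '.');
    for (char& c : res) c = static_cast<char>('a' + letter(rd));
    return res;
}

int main() {
    unsigned now = static_cast<unsigned>(std::time(nullptr));
    std::string secret = weakPassword(now - 42);   // constructed sample "server" password
    auto hits = candidatesForPrefix(secret.substr(0, 5), now - 300, now + 300);
    std::cout << "weak secret:   " << secret << "\n";
    std::cout << "prefix matches in 601 seeds: " << hits.size() << "\n";
    std::cout << "strong sample: " << strongPassword() << "\n";
    return 0;
}
```

Like the author's program, the `rand()` output here depends on the C library, so the weak passwords only line up between machines that share one.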