# Trust The Process—Writeup
Welcome back to my writeup! Today, I’m diving into my challenge for A1SBERG players, *Trust The Process*. This challenge combines Cryptography and Forensics, testing both your analytical thinking and technical skills. I’ll walk you step by step through my approach, explain the thought process behind each action, and show how to uncover the hidden flag. Whether you’re here to learn techniques or just curious about how the puzzle was solved, this writeup has got you covered.
For this challenge we are given 2 files: `crash.dump, vaultizers.exe`
Let's check the `vaultizers.exe` :
Here, you can see it’s clearly a vault. It has two options: `Unlock` and `Partial`. Let’s try the `Partial` option first:
So it provides us with a hash of some sort.
Below there's a note saying: `Hehe go xxd it if you can:>`
At first glance, most players might assume this is just a simple hex string. But in CTF challenges, nothing is ever that straightforward, authors rarely hand you the solution on a silver platter.
See? So dig deeper.
We have a clear assumption that this is a hash, but what algorithm? Let's use `hashid` to determine what algorithm is this hash:
So it's a `SHA-256` .
With the hash in hand, you’d probably think the next step is to crack it straight away. Nope, forget that for now. There’s still a file waiting for us that we haven’t checked: the `crash.dump` .
Content of `crash.dump`:
```
[CRASH REPORT]
Timestamp: 2026-02-26 11:37:35
Process: python3
Reason: Segmentation fault
PID high nibble: 0x2E
PID low nibble: 0x8
```
Take a look at the two PIDs, do you see how the challenge title actually hints at this? Yes, it's all about PIDs!!
```
PID high nibble (hex): 0x2E
PID low nibble (hex): 0x8
```
At first glance, these values may look arbitrary. However, they encode a **single integer** using **bit-level composition**, a common technique in systems programming and reverse engineering.
#### What is a “nibble”?
* A **bit** is a single binary value: `0` or `1`
* A **nibble** is **4 bits**
* A **byte** is **8 bits**, or **two nibbles**
```
Byte = [ high nibble ][ low nibble ]
4 bits 4 bits
```
In hexadecimal representation:
* Each hex digit represents **exactly 4 bits**
* That makes hex a natural way to express nibbles
#### Understanding the given values
High nibble:
```
0x2E (hex) = 46 (decimal)
```
Binary representation:
```
0x2E = 0010 1110
```
This value is meant to occupy the **upper half** of the final number.
Low nibble:
```
0x8 (hex) = 8 (decimal)
```
Binary representation:
```
0x8 = 0000 1000
```
This value occupies the **lower 4 bits**.
#### Why shifting is required?
If we simply added the numbers:
```
46 + 8 = 54 [WRONG]
```
This would **overwrite bits** and lose positional meaning. Instead, we must **move the high nibble into the correct bit position**.
#### Bit shifting explained
Left shift operator(<<)
* Shifting left by 1 bit multiplies the value by **2**
* Shifting left by 4 bits multiplies the value by **16**
```
x << 4 == x × 16
```
So:
```
46 << 4 = 46 × 16 = 736
```
Binary:
```
0010 1110 0000
```
Now the high nibble is correctly positioned.
#### Combining the values
Once the high nibble is shifted, we **merge** the low nibble using bitwise OR:
```
736 | 8
```
Binary view:
```
0010 1110 0000
OR 0000 0000 1000
----------------
0010 1110 1000
```
Decimal result:
```
744
```
#### FORMULA
```
PID = (high_nibble << 4) | low_nibble
```
Where:
* `<< 4` shifts the high nibble into place
* `|` merges the lower bits without overwriting
#### Why OR instead of addition?
Both **addition** and **bitwise OR** would work *only if* bits do not overlap.\
However, **OR is semantically correct** because:
* It explicitly expresses **bit-level composition**
* It prevents accidental carry-over
* It reflects how values are combined in low-level systems
This is why OR is preferred in reverse engineering and kernel-level logic.
**Final reconstruction:**
```
PID = (high_nibble << 4) | low_nibble
PID = (46 << 4) | 8
PID = 736 + 8
PID = 744
```
Recovered PID: **744**
> The title nudges players to **focus on the process ID**, rather than trying random brute-force or guessing the salt blindly.
Now that we have the PID, let's use the PID to regenerate the salt
* The hash was salted using a process-derived number (PID).
* In Python, the salt can be reproduced:
```python
import random
random.seed(744) # PID
salt = str(random.randint(100000, 999999))
print(salt) # exact salt used in hash
```
Without the PID, the salt is unknowable. This demonstrates the **importance of the hint in the title**.
Our salt is **423976**!
Now that we have our salt, let's crack it!
With the **salt reproduced**, combine it with candidate passwords from a `rockyou.txt`:
```python
import hashlib
hash_to_crack = "e813d476b1950e6de714381d1a0122b2be5ab7c41f0cb530fe509f1f510460f9"
salt = "423976"
with open("/usr/share/wordlists/rockyou.txt") as f:
for word in f:
word = word.strip()
candidate_hash = hashlib.sha256((word + salt).encode()).hexdigest()
if candidate_hash == hash_to_crack:
print("Password found:", word)
break
```
Here's the result:
Now that we have our password, we can now unlock the vault!
That's it! We've got the flag!
Finishing this challenge isn’t just about a hash or a PID, it’s a reflection of loving someone and learning to trust the journey, even when it feels uncertain. Love doesn’t come with instructions, and sometimes the hints are subtle, hidden in small gestures, words, or moments that seem insignificant but mean everything. There are times when it feels one-sided, when you long for attention, care, or reassurance, and the need to be loved feels heavy on your chest. It’s easy to feel frustrated, to rush, or to try to force things, but love, like this challenge, rewards patience and consistency. Every small, thoughtful effort matters, even if it doesn’t seem to change anything at first. Mistakes happen, misunderstandings, missed cues, or moments of doubt are natural, but they don’t mean failure. They’re part of learning, growing, and understanding each other more deeply. Just like carefully piecing together the PID in the challenge revealed the password, taking patient, steady, and genuine steps in love allows the heart to find the answer over time. You have to trust the process, trust yourself, and trust the feelings, knowing that even moments of doubt or loneliness are part of the path. With patience, care, and consistency, love unfolds in its own way, and every small effort, every gesture, and every heartbeat contributes to something real and lasting.
.png?alt=media&token=34a34e43-9cd9-4e34-92fc-d821ce98217f)
.png?alt=media&token=3f53b76f-809e-4095-aab7-7056345ccfe8)
.png?alt=media&token=ed40ca55-b90b-4319-b943-04e376ae6469)
.png?alt=media&token=e1b9296a-a099-4e58-aa4f-0b3830d3941b)
.png?alt=media&token=6cca4904-5c78-4ca9-a1d2-d275f60bb72a)
.png?alt=media&token=496a2966-612b-487b-8234-d19e5e453f33)
.png?alt=media&token=76dff54d-7cfc-4919-9957-a1327c785aac)