Hello guys. Since I was bored by my networking exams, I thought, "what if I could cheat a little bit?" Let's see what I did.
Getting started
The first step is to acquire a Cisco Packet Tracer exercise and understand how Packet Tracer understands the file format, so I opened a file in HxD.
Unfortunately, it looks like a complete mess: no magic number or anything. Maybe it is encrypted, I thought, so I opened Packet Tracer in Binary Ninja and eventually stumbled upon this function
It looked like a decryption function, so I decided to rewrite it in C++. I also implemented a zlib decompress function, as I saw it is also used in Packet Tracer. I eventually ended up with something like this
Then I compiled it and passed in my pka file, and to my surprise
What's Next
I carefully read all the tags in the XML until I found something interesting
To me it looked like a hash. Then I remembered that my teacher talked about a special admin area where she could see whether we copied and pasted commands or not. I quickly opened Packet Tracer, opened the Activity Wizard and set my own password
Then I decoded my file, and the hash changed
Looking around the Activity Wizard, I noticed that she can see if we cheat or not. She lied to me, and since she lied I decided to have my revenge. I downloaded all the Packet Tracer exercises from our Cisco course, decrypted them and swapped the original hash with my real one. Then I went to the Activity Wizard with my password, opened the initial network submenu and clicked "Copy from answer network"
Then I checked the answers and
So I saved my file and swapped my hash with the original one again, so my teacher won't ever notice that the file was tampered with. Just to make sure where we can use these exercises, a friend of mine sent me a pka from his course. His hash matched the hash from my course.
So it is safe to say that Cisco uses the same password for all the schools.
Tips
Encrypt the sensitive content with an algorithm like AES. Using a password like this is pointless.
Don't use the same password for all the courses.
Complicate the reverse engineering by using a DRM like VMProtect
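
To illustrate the first tip, here is an added example (not code from this post or from Packet Tracer) that contrasts a stored password hash that only gates the UI with answers sealed under a key derived from the password, so that replacing fields in the file unlocks nothing. The file layout, field names and passwords are constructed, an HMAC-SHA256 keystream stands in for AES so the code runs on the Python standard library alone, and it assumes only the activity author needs to read the answers.

```python
import hashlib, hmac, os

# Constructed model of an activity file (a dict); not Packet Tracer's real format.
def weak_make(password: str, answers: bytes) -> dict:
    # Weak: answers are readable by anyone; the hash only gates the UI.
    return {"pass_hash": hashlib.sha256(password.encode()).hexdigest(),
            "answers": answers}

def weak_open(f: dict, password: str) -> bytes:
    if hashlib.sha256(password.encode()).hexdigest() != f["pass_hash"]:
        raise PermissionError("wrong password")
    return f["answers"]

def derive_keys(password: str, salt: bytes):
    # One PBKDF2 call yields an encryption key and a MAC key.
    km = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return km[:32], km[32:]

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stdlib stand-in for AES-CTR: HMAC-SHA256 over nonce || counter.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def sealed_make(password: str, answers: bytes) -> dict:
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = derive_keys(password, salt)
    ct = xor(answers, keystream(enc_key, nonce, len(answers)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return {"salt": salt, "nonce": nonce, "ct": ct, "tag": tag}

def sealed_open(f: dict, password: str) -> bytes:
    enc_key, mac_key = derive_keys(password, f["salt"])
    expect = hmac.new(mac_key, f["nonce"] + f["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(f["tag"], expect):
        raise PermissionError("wrong password or modified file")
    return xor(f["ct"], keystream(enc_key, f["nonce"], len(f["ct"])))

if __name__ == "__main__":
    weak = weak_make("instructor-pw", b"answer network")
    weak["pass_hash"] = hashlib.sha256(b"mine").hexdigest()  # field swap
    print(weak_open(weak, "mine"))  # the weak design hands the answers over
    sealed = sealed_make("instructor-pw", b"answer network")
    print(sealed_open(sealed, "instructor-pw"))
```

In the sealed layout there is no stored value whose replacement grants access: the tag is checked under a key that only the real password reproduces, and the ciphertext is useless without it.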