[ASIS CTF] SecuPrim Writeup

Standard

Description:
Test your might.
secuprim.asis-ctf.ir 42738

Who doesn’t love a good PPC challenge? We provided with only a URL and Port so I ran Netcat and faced a bot detection system asking me for ‘X’. The message said that |X|=4. I gave the 2 possible options for absolute value of 4 and those were wrong answers.

[Megabeets]$ nc secuprim.asis-ctf.ir 42738
Bot detection: Are you ready?
ASIS needs proof of work to start the Math challenge.
SHA256(X + "YNT7TFm4gVadh44qNzwQdG").hexdigest() = "9a1f5add2c9198721d5efe3ba4512866...",
X is a string of alphanumeric and |X| = 4
Enter X: 4
Sorry, Bad proof of work!

[Megabeets]$ nc secuprim.asis-ctf.ir 42738
Bot detection: Are you ready?
ASIS needs proof of work to start the Math challenge.
SHA256(X + "tu1uQei0DpFfmmKaF1rdAH").hexdigest() = "1b4d598ef4e9e86dc1adb7d862e7b35f...",
X is a string of alphanumeric and |X| = 4
Enter X: -4
Sorry, Bad proof of work!

Well, if |X| isn’t for ‘absolute value of()’ then it must be ‘length of()’. You can notice that both the string appended to X and the SHA256 result are changing in every connection. I wrote a python code to calculate the answer. You can find it in the script embedded below.  After answering I got another test which I’ve been asked to solve 30 times (with a different value each time):

Good work, let's Go!

In each stage tell us the number of primes or perfect power integers in given range
-----------------------------------------------------------------------------------
What's the number of primes or perfect powers like n such that: 938663777872425905508901094461658229700971384281663171048305722544018188212593585457097324115543346387856004047801971862171751790325297281452399266743172190627763744903214644942745803882444165938580204577049548534754135264523 <= n <= 938663777872425905508901094461658229700971384281663171048305722544018188212593585457097324115543346387856004047801971862171751790325297281452399266743172190627763744903214644942745803882444165938580204577049548534754135266078

I wrote the following script and got the flag:

[TWCTF-2016: PPC] Make a Palindrome! Writeup

Standard

Challenge description:

Your task is to make a palindrome string by rearranging and concatenating given words.

Input Format: N <Word_1> <Word_2> ... <Word_N>
Answer Format: Rearranged words separated by space.
Each words contain only lower case alphabet characters.

Example Input: 3 ab cba c
Example Answer: ab c cba

You have to connect to ppc1.chal.ctf.westerns.tokyo:31111(TCP) to answer the problem.

$ nc ppc1.chal.ctf.westerns.tokyo 31111
  • Time limit is 3 minutes.
  • The maximum number of words is 10.
  • There are 30 cases. You can get flag 1 on case 1. You can get flag 2 on case 30.
  • samples.7z Server connection examples.

This challenge was pretty simple. I used the given “example.py”  and added the following function to it:

def makepal(l):
	for b in itertools.permutations(l, len(l)):
		str1 = ''.join(b)
		if str(str1) == str(str1)[::-1]:
			print b
			return b

Then I called it using the original script structure:

answer = makepal(words)

And the server returned the flag:
TWCTF{Hiyokko_Tsuppari}

The full script can be found here.