Choose the number SECCON CTF 2014 Programming 100pts
Soalnya
nc number.quals.seccon.jp 31337
Ketika Kita connect , kita akan menghadapi pertanyaan angka maksimal/minimal dari sebuah pertanyaan
yang makin lama makin banyak dan besar jumlah angkanya
$ nc number.quals.seccon.jp 31337 0, 7, -3 The maximum number? 7 6, 0, -3, -2 The maximum number? 6 -8, 3, 0, 6, 4 The minimum number? -8 2, 0, -8, 2, 5, 2 The maximum number?
Pertama Saya kira ini hanya sampai digit ratusan ternyata sampai
-4221710437, -1740702929, 4270517397, 3209397296, 3762024025, -3672989483, -775093555, 4151733183, 3564119176, -2899783113, -3331662677, 642770555, -3121798555, 1288976181, -3587672601, 2905985917, 2137540564, 1172635558, -1479609079, -1248372983, 3873677181, 1248052749, -1034576168, 2036474576, -253149619, -2392684096, -1930807573, -2317594216, 929234744, -1670667531, -1628006672, 879994792, 1969573571, -1305518363, -1355550455, 1095362934, -124373352, -1807675908, 3878897952, -1837056383, -2612347417, -1268914355, 4050965082, 1631467597, 2186132639, -2873319762, 2416444358, 3467519746, 1294589509, 690827023, -1648894301, 3245051371, -4125602438, 2445841557, -47857822, -148422805, 1594344784, -2702599035, -2113258438, 439412574, -3648358307, 701139315, 2674841307, -276835850, 2008480906, -742379070, -854097465, 2338492179, 653621662, 3204170814, -4292552234, -592497316, -2541019100, -1497564068, -1732032680, 188766876, -2759314033, 1756911371, -2155898580, 1151212441, -2647634085, 3941284198, -1621905813, 3066978392, 2108513714, -2592441740, -2432239477, 582366717, 151030349, -3056239567, -3323966535, 3134812599, -2106237224, -3366016099, -3040745768, -959614841, 3068410499, -3895262470, 784215697, -2397024752, 2321915702 The maximum number? >>> 4270517397 Congratulations! The flag is SECCON{Programming is so fun!}
Jadi untuk menyelesaikannya kita harus membuat script seperti ini
#!/usr/bin/env python
# coding=utf-8
from pwn import * # https://github.com/Gallopsled/pwntools
r = remote('number.quals.seccon.jp', 31337)
while True:
numbers = r.recvline()
print numbers
if 'Congrat' in numbers:
print r.recvall()
break
numbers = numbers.split(',')
numbers = map(int, numbers)
x = r.recvuntil('number?')
print x
if 'maximum' in x:
answer = max(numbers)
elif 'minimum' in x:
answer = min(numbers)
else:
print 'else'
print r.recvline()
answer = str(answer)
print '>>> %s' % answer
r.sendline(answer)p
source : https://github.com/ctfs/write-ups/blob/master/seccon-ctf-2014/choose-the-number/solve.py
Atau bisa juga gunakan kode ini
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('number.quals.seccon.jp', 31337))
data = s.recv(8192).split('\n')
while (data[0]):
try:
numbers = map(int, data[0].split(','))
if (data[1] == 'The maximum number? '):
print "max(", numbers, ") =", max(numbers)
x = s.send(str(max(numbers)))
elif (data[1] == 'The minimum number? '):
print "min(", numbers, ") =", min(numbers)
x = s.send(str(min(numbers)))
except:
print data
data = s.recv(8192).split('\n')
s.close()
Akhir kata flagnya adalah :
SECCON{Programming is so fun!}
source : http://blogs.univ-poitiers.fr/e-laize/2014/12/07/seccon-2014-quals-prog-choose-number/