[ASIS CTF] SecuPrim Writeup

Standard

Description:
Test your might.
secuprim.asis-ctf.ir 42738

Who doesn’t love a good PPC challenge? We provided with only a URL and Port so I ran Netcat and faced a bot detection system asking me for ‘X’. The message said that |X|=4. I gave the 2 possible options for absolute value of 4 and those were wrong answers.

Well, if |X| isn’t for ‘absolute value of()’ then it must be ‘length of()’. You can notice that both the string appended to X and the SHA256 result are changing in every connection. I wrote a python code to calculate the answer. You can find it in the script embedded below.  After answering I got another test which I’ve been asked to solve 30 times (with a different value each time):

I wrote the following script and got the flag:

Share

2 thoughts on “[ASIS CTF] SecuPrim Writeup

  1. Danny

    Could you post your code for the first part?

    The code for the |X| , part where you wrote: ” I wrote a python code to calculate the answer,”

    Thank you for the write up! 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *