Description:

Belarus – Electronicon – PPC – 250 pts
EN: This task is one of the methods for the psychological attacks. It is intended for people who don’t have heart diseases and reached 18 years 😉

h4ck1t{flag.upper()}

paint.txt

As the attached file says, it was real pain. I opened the file in the browser and saw this horrible thing:

Looks bad and it crashed my browser. This text file was too big for it to handle. So I opened it on Notepad++ and it was’t any better:

Still terrifying and it was heavy for notepad++ also. But this time something catched my eye. Look at the rows panel on the left, it says only 1 line. Let’s cancel word wrap (View > Word wrap) and check what it is:

Aah ah! It was a HUGE ascii-art. How huge? 11 rows of 1830661 chars each! It’s a long hex string. So now we need to parse it. I tried using this module but without any success so I decided to go for the hard way. I parsed it myself.

First, I edited the file in order to make it easy for me to parse it. I wanted that every char will be in it’s own line. I wrote a script to separate the characters:

import os

fin = open('pain.txt','r')
fout = open('out.txt', 'w')

content=fin.read()

splitted=content.split('\n')
width=13
	
print len(content)
for j in xrange(len(splitted[0])/width):
	for i in xrange(len(splitted)):
		fout.write(splitted[i][:width]+"\n")
		splitted[i]=splitted[i][width:]

Now let’s open the edited file with EmEditor that is capable of open large files and see how our file is looking like:

Good! Looks exactly like I wanted! Now in order to parse it we need to tell the code how every letter or digit is looking like so I started to define variable for each letter or digit with the matching ascii-art. It was something like that:

f_in = open('out.txt', 'r')
ff = open('flag.txt', 'w')
content = f_in.read()
content = content.split("\n")

f = content[0:11] # The letter f
c8 = content[37:48] # The digit 8
... # Another letters and digits
... # Another letters and digits
... # Another letters and digits

index = 0
while True:
     lines=content[index*12:(index+1)*12-1]
     if lines==a:
             ff.write("a")
     elif lines==b:
             ff.write("b")
     elif lines==c:
             ff.write("c")
     elif lines==c0:
             ff.write("0")
     elif lines==c1:
             ff.write("1")
     elif lines==c2:
             ff.write("2")
     elif lines==c3:
             ff.write("3")
     elif lines==c4:
             ff.write("4")
     elif lines==c5:
             ff.write("5")
     elif lines==c6:
             ff.write("6")
     elif lines==c7:
             ff.write("7")
     elif lines==c8:
             ff.write("8")
     elif lines==c9:
             ff.write("9")
     elif lines==d:
             ff.write("d")
     elif lines==e:
             ff.write("e")
     elif lines==f:
             ff.write("f")
     index+=1

I took the long hex-string and paste in hex editor. It was this photo:

Well, that’s it. We got the flag and we now can rest in peace.

Flag: h4ck1t{1_L0V3_3P1C_F0NT$}

Description:

HellMath – Mongolia – 100 – PPC – NEW

EN: Somebody thinks that you are able to calculate well. Is it true? Pass this task, prove the abilities and maybe we will recommend you to one of the most secret missions in this war.

# nc ctf.com.ua 9988 #

This one was a tricky question. Sometime we tend to think too complicated that we forget the basics of the basics.

Let’s begin. We are given with a netcat command. Let’s run it and see what will happen:

Megabeets: /tmp/h4ck1t/# nc ctf.com.ua 9988
Hello, stranger!
In this task you must solve 100 math questions.
Every task prints value C, where

C = A ^ B
and you need to return A and B.
Simple, isn't it?

C =  902688766290655704373689275053375955411443638316509920323848941975222889419457168696920458154297992623673837270038581569454814243805830583810239007096636651566143112784253577358992076929281284042240081518611899927486014041391480636127371844583712500925858241436577687881647483088199415935267570657867465207599620844695004309619118983781089160978919651087719815749856394166367766706778110070467678821838496167634418163901082752730509337302890389749997313424181834067339889277882795763685153563883836605864618300712713269080489519361527692457350059854544553090827217232806958474200121801180519077734723322730821821456307012680580248247037218481409333193782453105202353618778481032198022578852166518606909721942977575590954265237839696664727220865292977163448587698573864445402565395985502519681641780784380764161304054798829812233490916257278759562538568573426337720533085242758348167474155869479478584700074966635983754095730722241717146186660268605302301836193395575194171496181059843678720055443249024604241326634039569309251564445571858850712209536694524027635248909838940066204355066967778407959555544148932174508982884171285719680370353907943024211899094303816973257264835368157414233144693065775543775665646374894255716733398422962657186374363379853482641303616490385754787152837430574499189926206208167378653776600678668050752826349915972573133077173212387799225263508329369454811848100118727431542734051975488119495581578101088438806260901755298558179381970655381433179960687477909164284017317873303284836205753800005799794061481880410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Well, We are given with a number C and we need to find numbers A and B that A^B (Power, not XOR) gives C.

At the beginning I tried to find algorithms online, “Such algorithms must exist!” I thought to myself. I found nothing and gave up for the day because it was late and I wanted to sleep. I was in my bed while message a friend the question and he simply answered:
“Did you tried 1?”
– “What 1?”
 “You know, every number power 1 equals the number” (i.e C = C^1)
– “OMG! It is so simple! You are the smartest person on earth!”

 

So I ran to my computer and wrote this short python script that gave me the flag:

from pwn import *
from time import sleep

r = remote('ctf.com.ua', 9988)
 
print r.recvuntil('?')
print r.recvline()

counter=0

while True:	
	if counter==100:
		print r.recv()
	q = r.recvline()
	c = q[5:].rstrip('\n')
	print q
	print "\n----------\n"
	print c

	ans = '%s 1'%c
	print ans
	r.send('%s\n'%ans)
	counter+=1
	
# Flag: h4ck1t{R4ND0M_1S_MY_F4V0UR1T3_W34P0N}

Flag: h4ck1t{R4ND0M_1S_MY_F4V0UR1T3_W34P0N}

 

Description:

EN: All Experts of The Silver Shield Project can’t decipher the intercepted data. Who knows, maybe you can do it?
100_00edb54bed7e46bd5cdb7c06059881c2

 

In this PPC 250 pts challenge we got only one file. Let’s run File command on it to determine it’s type.

Megabeets:/tmp/h4ckit/paraguay# file 100_00edb54bed7e46bd5cdb7c06059881c2
100_00edb54bed7e46bd5cdb7c06059881c2: Zip archive data, at least v2.0 to extract

 

This is a zip file which contains another folder within. The folder contains a file named ‘99‘. Let’s extract it and figure out it’s type:

Megabeets:/tmp/h4ckit/paraguay# file 99
99: Zip archive data, at least v1.0 to extract

99 is also a zip file, and inside it has another zip, and another zip… well, I see where it going to. I wrote a simple Powershell script to extract all the archives using the ultimate archive manipulator – 7-zip.

# Set $path to a folder only with the file '99'
# 99 Exists in 'work_folder' inside the first archive

$path = "C:\\your\\\path"

while($true)
{
    $file = (gci $path)[0]
    &'C:\Program Files\7-Zip\7z.exe' e $file.Fullname -y > $null
    if($file.Name -eq 'flag')
    {
        # print the content of the file
        gc $file
        break;

    }
    else
    {
        Remove-Item $file.Fullname
    }
}

Now let’s run it:

PS C:\h4ckit\paraguay> C:\h4ckit\paraguay\solve.ps1
FLAG: 0W_MY_G0D_Y0U_M4D3_1T