
Question


The Race Problem: If you can beat this server in a race, it will give you the flag.

Given: nc 127.0.0.1 19999

Notes: Socket programming and character conversion will be used in this solution.

Steps:

1) Run the docker image with "docker run --rm -it -p 19999:19999 race".

    qijun@dell3510:~/teaching/ctf/docker/1.race/src$ docker run --rm -it -p 19999:19999 race
    Race me at: nc 127.0.0.1 19999
    Hint: Socket programming must be used to win this race.
    The flag looks like FLAG{.....}

2) Connect to the server using the tool 'nc' (netcat) and look at the output. It gives the ASCII code of a character in binary form. In this screenshot, the ASCII code is '01010011'. You can check the code on http://www.ascii-code.com/. The corresponding character is 'S'.

    [qijun@glap coding]$ nc localhost 19999
    If you can answer all my questions in 1 second, I'll give you the flag.
    What letter is '01010011'

However, you need to send the character for that ASCII code back within one second. The server closes the connection if it does not receive a response within one second. You have to write a program that responds automatically and quickly.

3) Start creating a Python3 script that you will build on to beat the server timeout. Now that we have seen the first question, let's start putting the script together.

    #!/usr/bin/python3
    # -*- coding: utf-8 -*-
    import socket

    host = '127.0.0.1'
    port = 19999

    # Open a TCP connection to the challenge server
    r = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    r.connect((host, port))

    # Read and display the first question
    d = r.recv(2048).decode()
    print(d)

This script imports socket, which provides network programming functions. It creates a socket, connects to the server 127.0.0.1 on port 19999, and receives the data that the server sends, which can be seen in the first screenshot. When you run this script you should see the same output as in the screenshot.

4) We must use a script to retrieve the flag, because the server times out after 1 second, so there is no possible way to answer all the questions with human input. The input must be sent as a stream to the server and interpreted by the server in less than 1 second. This next screenshot is part of the solution and shows how to extract the ASCII code from the server's output, convert it to a character, and then send the character back to the server, so that responding to each question is automated. You need to repeat the code snippet for all questions until you get the flag.

    s = d.split("'")[-2]          # binary code between the last pair of single quotes
    print(s)
    c = chr(int(s, 2))            # base-2 string -> character
    print(c)
    r.send((c + '\n').encode())   # newline-terminated answer

This shows how to send data back to the server. Now, you can build a complete script to solve this problem.
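The loop that step 4 asks for, as an added example that is not part of the original handout: `solve` accumulates received data until a complete question or the flag is present, since one `recv()` call is not guaranteed to return one whole message. `mock_server`, its question wording, and the newline-terminated answers are assumptions modelled on the `nc` session above, constructed so the block runs without the docker image.

```python
import re
import socket
import threading

QUESTION = re.compile(r"'([01]{8})'")    # 8-bit binary code between single quotes
FLAG = re.compile(r"FLAG\{[^}]*\}")

def solve(host, port, timeout=5.0):
    """Answer each question on the connection and return the flag."""
    with socket.create_connection((host, port), timeout=timeout) as r:
        buf = ""
        while True:
            chunk = r.recv(2048).decode()
            if not chunk:                # server closed: too slow or wrong answer
                raise ConnectionError("closed before flag: %r" % buf)
            buf += chunk                 # a recv() may hold only part of a message
            flag = FLAG.search(buf)
            if flag:
                return flag.group(0)
            m = QUESTION.search(buf)     # the apostrophe in "I'll" cannot match
            if m:
                c = chr(int(m.group(1), 2))          # '01010011' -> 'S'
                r.sendall((c + "\n").encode())       # assumed line-terminated answer
                buf = buf[m.end():]                  # drop the answered question

def mock_server(answers, flag):
    """Constructed stand-in for the challenge server; returns its port."""
    srv = socket.create_server(("127.0.0.1", 0))     # port 0 = any free port
    def serve():
        conn, _ = srv.accept()
        with conn, srv:
            conn.settimeout(1.0)                     # the one-second limit
            try:
                conn.sendall(b"If you can answer all my questions in 1 second, I'll give you the flag.\n")
                for ch in answers:
                    conn.sendall(("What letter is '%s'\n" % format(ord(ch), "08b")).encode())
                    if conn.recv(16).decode().strip() != ch:
                        return                       # wrong answer: hang up
                conn.sendall((flag + "\n").encode())
            except socket.timeout:
                pass                                 # too slow: hang up
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    print(solve("127.0.0.1", mock_server("Sock", "FLAG{constructed_example}")))
```

Against the real container, call `solve("127.0.0.1", 19999)`; if its prompt format differs from the screenshot, adjust `QUESTION` accordingly.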
