DamCTF Writeup – seed challenge
# Information:
CTF Name: DamCTF
CTF Challenge: rev/seed
Challenge Category: Reverse Engineering
Challenge Points: 249
By: m0x
DamCTF 2021
# Used Tools:
# Challenge Description:
Having a non-weak seed when generating “random” numbers is super important! Can you figure out what is wrong with this PRNG implementation?
seed.py
is the Python script used to generate the flag for this challenge. log.txt
is the output from the script when the flag was generated.
What is the flag?
# Writeup
Hello, welcome to my writeup for the DamCTF challenge seed.
In this challenge, we are presented with 2 files, a seed.py file that has some Python 3 code and log.txt that has the output of the seed.py file.
To tackle this challenge I decided to first analyze the seed.py file. Below you can see the file’s contents:
Let’s start by understanding what the code does. Well, when creating a hash it is a good practice to use a seed. Seed is a somewhat random value that works as an extra layer of encryption. This value (the seed) is a way that helps to randomize the hash function. The same seed should be used on the same application’s hashing function.
In this case, they have a seed function that generates a seed based on time stamps. In particular a specific timestamp (in the past from when we are solving this challenge, the Saturday 6 of November 2021). This makes the seed value predictable. We can, therefore brute-force it. All we need to do is go from the beginning of the competition time backward and we will eventually reach the correct date. Well, the competition started on 06/11/2021 at 01:00.
I decided to create a script Python 3 that starts on this date time and goes back 1 unit (1 second) until it reaches the correct value that has ‘b9ff3ebf’ on the flag. The final result of the script is presented below:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#!/usr/bin/env python3
import sys
import time
import datetime
import random
import hashlib
def hash(text):
return hashlib.sha256(str(text).encode()).hexdigest()
def crackSeed():
dt = datetime.datetime(2021,11,6, 1, 1)
s = round(dt.timestamp())
while s > 0:
s = s - 1
random.seed(s, version=2)
x = random.random()
flag = hash(x)
if 'b9ff3ebf' in flag:
print(f"The flag -> dam{{{flag}}}")
break
crackSeed()
As you can see, first I create the datetime on line 13 with the date 06/11/2021 at 01:01. I put the extra second to make sure we would start when the competition was already running (just 1 second).
Then while the generated timestamp is greater than 0 we decrement it by one and verify if the result hash corresponds to the flag.
After running the code and waiting a few seconds I got the flag.
And the flag is:
Thank you very much for reading!
Cheers,
MRegra