PicoCTF Writeup – Based

Information: 

 

CTF Name: PicoCTF

CTF Challenge: Based

Challenge Category: General Skills

Challenge Points: 200

PicoCTF 2019.

 

# Challenge Description: 

To get truly 1337, you must understand different data encodings, such as hexadecimal or binary. Can you get the flag from this program to prove you are on the way to becoming 1337? Connect with nc jupiter.challenges.picoctf.org 29956.

Hint: I hear python can convert things. It might help to have multiple windows open.

 

Writeup 

In this challenge, we are given an netcat command with a address and a port to connect. I used it on my Linux terminal as such:

mregra on Cyber ~$ nc jupiter.challenges.picoctf.org 29956

The output was as in the image below:

As you can see we have to convert that binary array to ASCII. To do that I decided to write a simple python 3 script. This script simply converts the value provided to ASCII, as such:  

After inserting the correct word as input I received another conversion request. After that one a new came up. I was not able to solve all of them in time, the connection drooped and I had to restart. Once I did new values were presented!! I decided to improve my python 3 script to be able to perform all the required conversions (see below reference to source code on GitHub repository).   

Below is an image of my path to the solution:  

As you can see the first message given is in binary. The second however is in a different base. It is possible to see that the greater digit is 7, I assumed that this meant that the base was octal. I went to the ASCII table to confirm if these values matched any alphanumeric characters and it turned out that they matched!! The last one was a little harder to figure out, but after some research I was able to find out that it is hexadecimal. Knowing this I finished my python 3 script. In the final result I have 3 methods, one to convert from binary to ASCII, another from octal to ASCII and the last one from hexadecimal to ASCII.  

In the image below you can see the interaction with the script interface for the example above:  

And finally, the flag is:

Show flag
picoCTF{learning_about_converting_values_b375bb16}  

The source code can be found here. I decided to improve the tool so the interface might be a little different, but the idea is the same.  

Thank you very much for reading!

Cheers,

MRegra


Share this post:

Popular posts

Leave a Reply

Your email address will not be published. Required fields are marked *