IT and security stuff

ringzer0ctf – Hash me if you can Writeup

So this is an easy task if you have some coding knowledge. You can’t complete this challenge without a code. It would be impossible to hash a message and send it within 2 seconds. I’m glad I learned python because even before the challenge started I already knew how I would proceed to retrieve the flag. Link to the challenge

You have 2 seconds to hash this message using sha512 algorithm
Send the answer back using https://ringzer0ctf.com/challenges/13/[your_hash]

Here is my code.

import requests
from bs4 import BeautifulSoup
import hashlib

cookie = {'PHPSESSID': 'h7hmvte9t2aqptn85orm1borp4'}  # change this
resp = requests.get("https://ringzer0ctf.com/challenges/13", cookies=cookie)

soup = BeautifulSoup(resp.text, "html.parser")
data = soup.find_all("div", {"class": "message"})

codesplit = (str(data).split("\n")[2])
code = codesplit.split("<")[0]
code1 = code.split("		")[1]
sha512code = hashlib.sha512(code1.encode())

answ = requests.get("https://ringzer0ctf.com/challenges/13/" + sha512code.hexdigest(), cookies=cookie)
soup2 = BeautifulSoup(answ.text, "html.parser")
flag = str(soup2.find_all("div", {"class": "alert alert-info"})).split(">")[1]
print(flag.split("<")[0])

That was fun!

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.