RingZer0 CTF — Hash Me Please

thelicato
Mar 26, 2022

Today I am going to start a new series of posts on how to solve some interesting CTFs on RingZer0 Online CTF.

What is RingZer0 Online CTF

The description on the website says:

“RingZer0 Team’s online CTF offers you tons of challenges designed to test and improve your hacking skills through hacking challenges. Register and get a flag for every challenge.”

The website contains a lot of challenges that push users to work hard to solve them and reach the flag (and the points!). There are also a lot of different categories:

  • SQL Injection
  • Reverse Engineering
  • JavaScript
  • Coding Challenges
  • etcetera etcetera.

The goal of this post is to explain how to reach the flag for the challenge called Hash Me Please (a very basic one).

Hash Me Please

The first challenge is called Hash Me Please and it will give us only 2 points (it is very easy-peasy). After logging in, head to the Coding Challenges section and there it is: the first one in this category. The page with the description is the following:

We have a pretty long message and the goal is to hash it using the SHA512 algorithm and then access the page https://ringzer0ctf.com/challenges/13/[your_hash] in just 2 seconds.

So it is impossible to:

  1. Copy the message
  2. Paste it in some form on some website that provides a service to hash the message
  3. Obtain the result and paste it back in the link above.

The only solution is to implement a little script (well, it is a Coding Challenge) that does the heavy work for us. As usual we will be using Python.

The Solution

The only theoretical thing I will say in this post is that the SHA512 algorithm takes a message of variable size and outputs a message of fixed size using some magic (they call it math). Without further ado, here is the Python implementation to reach this flag:

Let’s briefly explain the code. From line 1 to 3 I just import everything that is needed to reach our goal (libraries to make HTTP requests, navigate the DOM and hash the message).

The first thing I did was to create a cookie variable to store the session to be able to see the webpage (because you have to be logged in to see those challenge pages). To get the actual value you just need to open the Developer Tools. Here is an example on Firefox:

Then you just need to request the HTML page and navigate the DOM tree to find the div that contains the message (line 8). Then we must properly encode the message as UTF-8 and then we can hash it using the hashlib library (line 12).

The heavy work is done!

We just need to request the web page https://ringzer0ctf.com/challenges/13/[your_hash] and navigate the DOM again to take the flag and print it out. Here is the result:

You want the source code? Here is the link to the GitHub repo.
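The extract-and-hash steps described above, as an added example that is not the author's script from the GitHub repo. It runs offline on a constructed HTML sample using only the standard library; the "message" class name and the helper names DivText, extract_message and answer_url are assumptions.

```python
import hashlib
from html.parser import HTMLParser

BASE_URL = "https://ringzer0ctf.com/challenges/13/"

# Constructed sample page. The "message" class is an assumption, not taken
# from the real challenge markup; adjust it to what the live page uses.
SAMPLE_HTML = """<html><body><div class="wrapper">
  <div class="message">
    4f2a9c constructed sample message 77e1<br />
  </div>
</div></body></html>"""

class DivText(HTMLParser):
    """Collect the text nodes inside the first <div> carrying target_class."""
    def __init__(self, target_class):
        super().__init__()
        self.target_class = target_class
        self.depth = 0        # > 0 while inside the target div
        self.done = False     # set once the first matching div is closed
        self.chunks = []

    def handle_starttag(self, tag, attrs):
        if tag != "div" or self.done:
            return
        if self.depth:
            self.depth += 1   # nested div inside the target
        elif self.target_class in (dict(attrs).get("class") or "").split():
            self.depth = 1

    def handle_endtag(self, tag):
        if tag == "div" and self.depth:
            self.depth -= 1
            self.done = self.depth == 0

    def handle_data(self, data):
        if self.depth:
            self.chunks.append(data)

def extract_message(html, target_class="message"):
    parser = DivText(target_class)
    parser.feed(html)
    if not parser.chunks:  # e.g. a login page came back instead
        raise ValueError(f"no div with class {target_class!r} in response")
    # Layout whitespace is not part of the message and would change the hash.
    return "".join(parser.chunks).strip()

def answer_url(message):
    digest = hashlib.sha512(message.encode("utf-8")).hexdigest()
    return BASE_URL + digest
```

Against the live site, the HTML passed to extract_message would come from a request carrying your session cookie, and the URL returned by answer_url has to be requested within the 2 second window.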
