SECCON 2014 quals # Programming – Choose the number

URL: http://score.quals.seccon.jp/question/
Type: programming
Solution: SECCON{Programming is so fun!}
 


Description
nc number.quals.seccon.jp 31337


The server gives us a list of numbers and asks for the maximum or the minimum one. If the answer is correct, it gives us a list with one more number, and so on… As the list grows, the numbers become bigger:

$ nc number.quals.seccon.jp 31337
0, 0
The maximum number? 0
-5, 9, 1
The minimum number? -5
1, -7, 3, 4
The maximum number? 4
3, 6, 2, 7, 7
The maximum number? 
Timeout, bye.

 
So we have to code a client that, for each received list, computes the desired value and sends it back to the server… until it gives us the flag:

import socket

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('number.quals.seccon.jp', 31337))
# Each round arrives as "<list>\n<question>"; recv() returns bytes in Python 3
data = s.recv(8192).decode().split('\n')
while data[0]:
  try:
    numbers = list(map(int, data[0].split(',')))
    if data[1] == 'The maximum number? ':
      print("max(", numbers, ") =", max(numbers))
      s.send(str(max(numbers)).encode())
    elif data[1] == 'The minimum number? ':
      print("min(", numbers, ") =", min(numbers))
      s.send(str(min(numbers)).encode())
  except (ValueError, IndexError):
    # Not a list of numbers (the final messages): print it as received
    print(data)
  data = s.recv(8192).decode().split('\n')

s.close()

 
Finally, after 100 iterations we get the flag!

max( [-4, 4] ) = 4
max( [1, 3, 2] ) = 3
max( [-9, -4, 3, 8] ) = 8
...
min( [-3144999375, -1195602288, 237850027, 3261265588, -1686313931, -387316384, -200569824, -651908171, -3069922669, -2269670208, -1360848382, 1986195573, 3704479801, -792826864, -1441318708, -4039021871, 748001500, 828071493, 465971451, 964876192, 4051266865, 2651440071, 2884877580, -145852280, -569404145, -2977853116, 1571343842, -1385821802, -1989758754, -137827045, -3497485121, 448878235, 11313686, 3112801073, 3328813823, 1030103736, 4196680200, -3660664202, 2423983419, 3690066212, 1015080563, -2478557474, 483667363, -3534858468, -678720140, 4205426931, 3478238, -1378341982, -859402462, 3358120717, -1825035146, 1819028946, 3744426158, 1320183842, -2467863570, -2483503129, -2250808386, -3384959141, 1177772637, -2770892507, -3635643351, -143971921, 1856091826, -233966483, 1195158796, -2049673570, 3539237436, -3371110150, -4150870004, -1490616940, -3315102063, 2845728558, 4213419097, -3421736475, 2902860513, 3742581048, 2497557376, -2980040530, 3003177660, 2092331943, -3663080141, 1395488399, 1886972843, 1635687564, -2117657232, 3561517789, 1907591016, 216735961, 59041976, -4110077691, 2006896479, 2174177639, -670692853, 2854829132, -3979535484, 3219540788, -612554599, 3300939104, 1545949105, -844604313, -4051502478] ) = -4150870004
['Congratulations!', '']
['The flag is SECCON{Programming is so fun!}', '']
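
The client above assumes that every recv() returns exactly one complete round, which a TCP stream does not guarantee. As an added example (not part of the original write-up), this variant buffers until the prompt has arrived and runs offline against a constructed mock server over a local socket pair; the names `read_round`, `solve`, `mock_server` and `demo`, the newline after each answer and the placeholder flag are assumptions of this sketch.

```python
import random
import socket
import threading

PROMPTS = {"The maximum number? ": max, "The minimum number? ": min}

def read_round(sock):
    """Accumulate recv() chunks until a prompt ends the buffer; return (text, eof)."""
    buf = ""
    while not buf.endswith(tuple(PROMPTS)):
        chunk = sock.recv(8192).decode()
        if not chunk:
            return buf, True
        buf += chunk
    return buf, False

def solve(sock):
    """Answer every round; return (rounds answered, text sent after the last one)."""
    rounds = 0
    while True:
        text, eof = read_round(sock)
        if eof:
            return rounds, text
        listing, prompt = text.split("\n")[-2:]
        numbers = [int(n) for n in listing.split(",")]
        sock.sendall(f"{PROMPTS[prompt](numbers)}\n".encode())
        rounds += 1

def mock_server(conn, rounds):
    """Constructed stand-in for the challenge server; writes in 3-byte fragments."""
    rng = random.Random(1)
    with conn, conn.makefile("r") as answers:
        for size in range(2, rounds + 2):
            nums = [rng.randint(-2**32, 2**32) for _ in range(size)]
            prompt, fn = rng.choice(list(PROMPTS.items()))
            msg = (", ".join(map(str, nums)) + "\n" + prompt).encode()
            for i in range(0, len(msg), 3):
                conn.sendall(msg[i:i + 3])
            if int(answers.readline()) != fn(nums):
                return  # wrong answer: hang up without the final message
        conn.sendall(b"Congratulations!\nThe flag is FLAG{constructed}\n")

def demo(rounds=20):
    client, server = socket.socketpair()
    threading.Thread(target=mock_server, args=(server, rounds)).start()
    with client:
        return solve(client)

if __name__ == "__main__":
    print(demo())
```

To use it against a real service, pass `solve` a connected TCP socket instead of the socket pair.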

 
