English [EKOPARTY PRE-CTF 2015] [Misc50 – Get the flag] Write Up

Description

Get the flag

Description: GET all the flags! literally.

Hints: Source code anyone? *GET* them all

Resolution

By viewing the source page of the challenge we saw:

<b>Description: </b>
GET all the <!-- country --> flags! literally.

All the country flags?
Mhh.. OK.

We retrieved all the country on the register page:

<label for="country">Country</label>
<select class="form-control" id="country" name="country" required>
<option value="INT" selected>International</option>
<option disabled></option>
<option value="AFG">Afghanistan</option>
<option value="ALB">Albania</option>
[...]
<option value="ZMB">Zambia</option>
<option value="ZWE">Zimbabwe</option>
</select>
INT AFG ALB DZA ASM AND AGO AIA ATG ARG ARM ABW AUS AUT AZE BHS BHR BGD BRB BLR BEL BLZ BEN BMU BTN BOL BIH BWA BRA VGB BRN BGR BFA BDI KHM CMR CAN CPV CYM CAF TCD CHL CHN COL COM COG COK CRI CIV HRV CUB CYP CZE PRK COD DNK DJI DMA DOM ECU EGY SLV GNQ ERI EST ETH EUR FRO FLK FJI FIN FRA GUF PYF GAB GMB GEO DEU GHA GIB GRC GRL GRD GLP GUM GTM GIN GNB GUY HTI VAT HND HKG HUN ISL IND IDN IRN IRQ IRL ISR ITA JAM JPN JOR KAZ KEN KIR KWT KGZ LAO LVA LBN LSO LBR LBY LIE LTU LUX MAC MDG MWI MYS MDV MLI MLT MHL MTQ MRT MUS MEX FSM MCO MNG MSR MAR MOZ MMR NAM NRU NPL NLD ANT NCL NZL NIC NER NGA NIU NFK MNP NOR PSE OMN PAK PLW PAN PNG PRY PER PHL PCN POL PRT PRI QAT KOR MDA REU ROU RUS RWA SHN KNA LCA SPM VCT WSM SMR STP SAU SEN YUG SYC SLE SGP SVK SVN SLB SOM ZAF ESP LKA SDN SUR SJM SWZ SWE CHE SYR TWN TJK THA MKD TLS TGO TKL TON TTO TUN TUR TKM TCA TUV UGA UKR ARE GBR TZA USA VIR URY UZB VUT VEN VNM WLF ESH YEM ZMB ZWE

Then we downloaded all the flags, using a script of course !
We used TCL, a non common language for this task:

[tcl]
#!/bin/tclsh

#packages
package require http;
package require tls;

#register the https
http::register https 443 [list ::tls::socket -tls1 1]

#list with all the flags
set flags {INT AFG ALB DZA ASM AND AGO AIA ATG ARG ARM ABW AUS AUT AZE BHS BHR BGD BRB BLR BEL BLZ BEN BMU BTN BOL BIH BWA BRA VGB BRN BGR BFA BDI KHM CMR CAN CPV CYM CAF TCD CHL CHN COL COM COG COK CRI CIV HRV CUB CYP CZE PRK COD DNK DJI DMA DOM ECU EGY SLV GNQ ERI EST ETH EUR FRO FLK FJI FIN FRA GUF PYF GAB GMB GEO DEU GHA GIB GRC GRL GRD GLP GUM GTM GIN GNB GUY HTI VAT HND HKG HUN ISL IND IDN IRN IRQ IRL ISR ITA JAM JPN JOR KAZ KEN KIR KWT KGZ LAO LVA LBN LSO LBR LBY LIE LTU LUX MAC MDG MWI MYS MDV MLI MLT MHL MTQ MRT MUS MEX FSM MCO MNG MSR MAR MOZ MMR NAM NRU NPL NLD ANT NCL NZL NIC NER NGA NIU NFK MNP NOR PSE OMN PAK PLW PAN PNG PRY PER PHL PCN POL PRT PRI QAT KOR MDA REU ROU RUS RWA SHN KNA LCA SPM VCT WSM SMR STP SAU SEN YUG SYC SLE SGP SVK SVN SLB SOM ZAF ESP LKA SDN SUR SJM SWZ SWE CHE SYR TWN TJK THA MKD TLS TGO TKL TON TTO TUN TUR TKM TCA TUV UGA UKR ARE GBR TZA USA VIR URY UZB VUT VEN VNM WLF ESH YEM ZMB ZWE};

#download each flag from the flags list
foreach flag $flags {
set url "https://ctf.ekoparty.org/static/img/flags/${flag}.png";
set query [::http::geturl $url]
set data [::http::data $query];

set outfile [open "/home/wtf/ekoctf/misc50/${flag}.png" w+];
fconfigure $outfile -translation binary ;
puts -nonewline $outfile $data
close $outfile

::http::cleanup $query
}
[/tcl]

$ grep -i "EKO{" *.png
Binary file MKD.png matches

$ cat MKD.png
▒PNG

IHDR
▒n▒IDATx^U▒;h▒QF▒▒ϖa+T\
I#▒▒j▒V▒ب▒X▒▒▒#▒(XK▒PA▒R▒-▒L▒�▒!؄h▒R(▒▒Hf▒▒▒▒”▒▒▒p▒▒▒▒U MH7%)ku
▒v▒▒▒MyZg▒▒▒▒E<▒▒▒t2▒BWs"u▒c▒?▒)i-t▒t$▒^⍗▒▒▒|p▒7&▒y▒▒▒sՒ▒n$▒N▒v▒KȘq^{▒▒+▒5▒▒I▒g▒▒icR+Xp▒ ▒▒▒▒▒▒i▒0▒▒▒zc▒%5▒RRb▒▒>o]▒1p.▒▒▒▒▒▒#▒s▒Wӟbƈ▒s0>9▒ƃ´▒▒▒▒▒▒▒Μi48j▒1▒O▒q▒▒▒s▒l▒/”▒▒▒fp▒9c▒r▒▒qc▒
ʇ▒+▒6]▒▒▒▒▒▒5▒i▒D▒~3▒UIEND▒B`▒EKO{misc_challenges_are_really_bad}

Flag was : EKO{misc_challenges_are_really_bad}

Leave a Reply

Your email address will not be published. Required fields are marked *