Prophecy - H@cktivityCon CTF

Category: Scripting
Solves (at time of writing): 249
Description: C A N Y O U S E E T H E F U T U R E ?

Prophecy

We are given an IP and a port to netcat into.

If we netcat into it we get a simple prompt, W H A T I S T H E N E X T N U M B E R T O C O M E F R O M T H E F U T U R E ?

If we type in a random number (e.g. 1), it tells us the right number and kicks us out of the netcat session.

Interestingly, if we relaunch the netcat session and put in the number it told us was the right one, it works.

So we could potentially just put in 1, get the right number, add that number to a list, and then relaunch the session, and put that number in.

We could do that until we have the flag.

To do exactly that I've made a quick python script with pwnlib:


from pwn import *
import time

timer = 0.3
listofnums = []
while True:
    r = remote("eight.jh2i.com", 50012)
    r.recvuntil("==============================================================================")
    for i in listofnums:
        r.recvline("F U T U R E ?")
        r.sendline(str(i))
        time.sleep(timer)
    #r.interactive()
    r.sendline("1")
    r.recvuntil("W A S")
    correctnum = int(r.recvuntil("\n").replace(b"\n", b""))
    listofnums.append(correctnum)
    print(str(listofnums))
    

Because of infrastructure problems and limitations due to abuse of their services, I had to implement a time.sleep to not get EOF'd

We let that script run, let it crash, copy the listofnums it printed out, paste it in line 5, and then uncomment line 13.

Doing that will get us the flag: flag{does_this_count_as_artificial_intelligence}

~sw1tchbl4d3, 03/08/2020 (dd/mm/yyyy)