ctf/IERAE CTF 2024 writeup.md
... ...
@@ -33,6 +33,7 @@ curl "192.0.2.1:3000/search?user=http%3A%2F%2F192.0.2.2%3000"
33 33
34 34
- `io_lib.py`
35 35
36
+ <details>
36 37
```python
37 38
import subprocess
38 39
import string
... ...
@@ -64,9 +65,11 @@ curl "192.0.2.1:3000/search?user=http%3A%2F%2F192.0.2.2%3000"
64 65
65 66
return generator_output_list
66 67
```
67
-
68
+ </details>
69
+
68 70
- `lib.py`
69 71
72
+ <details>
70 73
```python
71 74
# https://zenn.dev/hk_ilohas/articles/mersenne-twister-previous-state より引用
72 75
... ...
@@ -115,9 +118,10 @@ curl "192.0.2.1:3000/search?user=http%3A%2F%2F192.0.2.2%3000"
115 118
state[i] = result
116 119
return state
117 120
```
118
-
121
+ </details>
119 122
- `predict_secret.py`
120 123
124
+ <details>
121 125
```python
122 126
from lib import untemper, get_prev_state
123 127
import random
... ...
@@ -133,9 +137,11 @@ curl "192.0.2.1:3000/search?user=http%3A%2F%2F192.0.2.2%3000"
133 137
predicted = [random.getrandbits(32) for _ in range(n)]
134 138
return predicted[623]
135 139
```
136
-
140
+ </details>
141
+
137 142
- `solver.py`
138 143
144
+ <details>
139 145
```python
140 146
import subprocess
141 147
from io_lib import read_output
... ...
@@ -194,7 +200,7 @@ curl "192.0.2.1:3000/search?user=http%3A%2F%2F192.0.2.2%3000"
194 200
expected_prompts=2,
195 201
)
196 202
```
197
-
203
+ </details>
198 204
199 205
## babewaf
200 206
解けなかったけどいくつか勉強になったことがあるのでメモ。
... ...
@@ -222,6 +228,7 @@ curl "192.0.2.1:3000/search?user=http%3A%2F%2F192.0.2.2%3000"
222 228
223 229
とすると、`candidate_char_set`の中から、`appeared_char_set_dict[i]`を削除するとi文字目の文字だけが残る。
224 230
231
+<details>
225 232
競技サーバを`192.0.2.1:55555`, とする。
226 233
227 234
```python
... ...
@@ -360,3 +367,4 @@ def main():
360 367
if __name__ == "__main__":
361 368
main()
362 369
```
370
+</details>
... ...
\ No newline at end of file