THS Challenges Writeups - Misc

Writeups of the challenges of THS - Misc

 

Misc

Indulging in the delightful world of internet browsing, one can’t deny the joy that comes from the delectable cookies on every website. And now, we’ve crafted a special realm just for you to amass a multitude of these cookies. Can you gather them all before they lose their freshness?

the 'dirty' spot
the 'dirty' spot
the 'dirty' spot

Seems like we need to be faster in order not to let the cookie espire.

import requests

url = 'http://ths.eemcs.utwente.nl:33109/'

cookies = {'password': 'I_LOVE_COOKIES<3'}
response = requests.get(url+'/cookie', cookies=cookies)

password = str(response.content)[1044:1069]

while (True):
    cookies = {'password': password}
    response = requests.get(url+'/cookie', cookies=cookies)
    password = str(response.content)[1044:1069]
    if password[:4] == 'THS{':
        break

print('Flag:', password)

🚀 Flag Retrieval

These are the passage to retrieve the flag:

  1. Preparation: We arm ourselves with a special cookie, confessing our love for cookies.

  2. Initial Expedition: We make our first move, sending a daring GET request to the web address, equipped with our cookie.

  3. Decrypting Clues: The response received holds hidden clues, and we diligently extract a series of characters, hoping to uncover the password.

  4. Cracking the Code: With the extracted characters in hand, we craft a loop to continuously test new cookies. Each attempt propels us closer to the coveted flag.

  5. Victory Revealed: After numerous trials, we triumphantly unveil the flag.

Nyte Encodings

The conventional byte consists of 8 bits, chosen primarily because it is a power of 2. However, for this challenge, we’re embracing a different approach - the 9-bit byte, aptly named the nyte. We believe it’s much cooler! The string provided below is a hexadecimal encoding of our flag represented as ASCII characters in nytes. Can you decipher the flag?

Encoded Flag

The following string represents the flag in hexadecimal encoding:

2a120a67b371e4e8653997cc2723297cc4332a15066722f9d0d0403717cc4793a194e67d

Python Code for Decoding

Here’s a Python script that will guide you in decoding the flag from the given hexadecimal string:

flag = ''

# Provided hexadecimal string
hexadecimal = '2a120a67b371e4e8653997cc2723297cc4332a15066722f9d0d0403717cc4793a194e67d'
print('hex:', hexadecimal)

# Transform it into decimal
decimal = int(hexadecimal, 16)
print('decimal:', decimal)

# Transform it into binary
binary = bin(decimal)
print('binary:', binary)

# Split it into chunks of 9 (instead of 8)
sequence = 0
for i in range(len(binary)//9):
    flag += chr(int(binary[sequence:sequence+9], 2))
    sequence += 9
print('Decoded Flag:', flag)

The challenge lies in the unconventional use of a 9-bit byte (nyte), deviating from the standard 8-bit byte, making the flag decoding process more intricate. Feel free to explore and use this Python script to retrieve the flag from the given hexadecimal encoding.

 

 

WhistleBlower

Alice stumbled upon the identity of the whistleblower in her company while going through some files. She needed to inform Eve but was cautious about her communications being monitored. To conceal the message, she hid it within a seemingly innocent email. Can you uncover who betrayed the company?

Challenge Description

Alice found a suspiciously formatted email and suspected that it contained a hidden message. The content of the file is provided below:

Dear Eve,       	
 	 	 	  
Thank you for your email informing me of your absence. I hope you feel better soon. Do not worry about your presentation with the Stegno Space Ltd. I can cover for you. Could you please send me your notes for that. 	  	   
 	 	  		
Thank you, 				 		
Best, 	    	 
Alice  		    
 		   	 
 	 					
  		   	
 			  		
 	 					
  		   	
 	  	   
  		  		
 	 					
 			 			
  		   	
 			  		
  		 			
 	  		  
  		  		
 	 					
 	    	 
 		 		  
  		    
 			 			
  		  		
 			  	 
 					 	

Analysis and Decoding

Upon analyzing the file, Alice noticed unusual spaces and tabs at the end of the email. She suspected that a secret message was hidden there.

cat -T Dear_Eve.txt

Alice used this command to visualize tabs and spaces in the file:

Dear Eve, ^I ^I ^I ^I
… (output truncated for brevity)

She then mapped each tab and space to binary (0s and 1s) and decoded them, using space as the delimiter and employing different byte lengths. Through this decoding, Alice found what seemed to be a piece of the flag.

Decoding Results

Decoding using 7 as byte length:

input: 1100010 1011111 0110001 1110011 1011111 0110001 1001000 0110011 1011111 1110111 0110001 1110011 0110111 1001100 0110011 1011111 1000010 1101100 0110000 1110111 0110011 1110010 1111101
output: b_1s_1H3_w1s7L3_Bl0w3r}

Decoding using 8 byte lenght:

input: 00000001 01010100 01001000 01010011 01111011 01000010 00110000
output: THS{B0

Alice retrieved the flag by concatenating the decoded strings:

THS{B0b_1s_1H3_w1s7L3_Bl0w3r}

The challenge lies in decoding the hidden message concealed within the formatting of the email, providing a glimpse into the identity of the whistleblower.

For an easier solve i wrote this code :

s = '''^I ^I ^I  
^I  ^I   
^I ^I  ^I^I
^I^I^I^I ^I^I
^I    ^I 
^I^I    
^I^I   ^I 
^I ^I^I^I^I^I
 ^I^I   ^I
^I^I^I  ^I^I
^I ^I^I^I^I^I
 ^I^I   ^I
^I  ^I   
 ^I^I  ^I^I
^I ^I^I^I^I^I
^I^I^I ^I^I^I
 ^I^I   ^I
^I^I^I  ^I^I
 ^I^I ^I^I^I
^I  ^I^I  
 ^I^I  ^I^I
^I ^I^I^I^I^I
^I    ^I 
^I^I ^I^I  
 ^I^I    
^I^I^I ^I^I^I
 ^I^I  ^I^I
^I^I^I  ^I 
^I^I^I^I^I ^I'''

l = s.split('\n')

for sol in l:
    sol = sol.replace('^I', '1')
    sol = sol.replace(' ', '0')
    print(chr(int(sol, 2)), end='')

 

 

Ford Automotive Challenge

An American car manufacturer maintains a database containing the mileage of their sold vehicles, ranging from 0 to 10,000,000. Ben, a new employee, has devised an algorithm to detect fake or anomalous mileage entries in this database. To showcase the effectiveness of his algorithm, he’s willing to provide the flag to anyone who can submit 1,000 automatically generated mileage values that pass his anomaly check.

Challenge Details

The server expects data in the form of a JSON list containing 1,000 mileage values:

# Import requests
import requests

# Send message to server to retrieve response
response = requests.post(
    "http://ths.eemcs.utwente.nl:<docker_port>/",
    json={'mileage': [<integer_value_1>, ..., <integer_value_1000>]},
)

# Get response from JSON format
print(response.json())

Data Collection and Submission

To generate the 1,000 mileage values and submit them for the challenge, the provided Python script utilizes a dataset of cars for sale. The script extracts the mileage values from the dataset and sends them via a POST request to the server endpoint.

import requests

# Sample dataset of cars with mileage information
data = """
Fiesta,2017,12000,Automatic,15944,Petrol,150,57.7,1.0
Focus,2018,14000,Manual,9083,Petrol,150,57.7,1.0
... (data truncated for brevity) ...
"""

# Split data into lines
lines = data.split('\n')

# Extract mileage values from the dataset
mileage_values = []
for line in lines:
    parts = line.split(',')
    mileage = int(parts[4])
    mileage_values.append(mileage)

# Send the mileage values via a POST request
response = requests.post(
    "http://ths.eemcs.utwente.nl:33115",
    json={'mileage': mileage_values}
)

# Print the response in JSON format
print(response.json())

Challenge Resolution

The provided Python script processes the dataset to obtain mileage values and sends them to the specified server. Upon submission, the server checks for anomalous mileage numbers based on Ben’s algorithm. If 1,000 valid mileage values are submitted, the server will respond with the flag.