We were given source code like below.
The bug is in the secret generation, where they forgot to put () after crypto.randomUUID, hence the secret is always the same (because the value of crypto.randomUUID is constant: it consists of the function implementation). We only need to run the docker, and we will be able to get the correct token for the note id 0.
Flag: dice{1_d00r_y0u_d00r_w3_a11_d00r_f0r_1_d00r}
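The missing-parentheses bug from the first challenge, shown next to its corrected form with a startup check that would have caught it. This is an added example, not the challenge's source code; the HMAC token scheme and all function names are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Vulnerable form described above: without "()" the template literal
// stringifies the function object, so every process gets the same text.
function makeSecretVulnerable() {
  return `${crypto.randomUUID}`;
}

// Corrected form: the function is called and returns a fresh v4 UUID.
function makeSecretFixed() {
  return `${crypto.randomUUID()}`;
}

// Assumed token scheme (not taken from the challenge): HMAC-SHA256 of the id.
function tokenFor(secret, noteId) {
  return crypto.createHmac('sha256', secret).update(String(noteId)).digest('hex');
}

// Startup guard: reject any secret that is not shaped like a v4 UUID.
const UUID_V4 = /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/;
function isRandomSecret(secret) {
  return typeof secret === 'string' && UUID_V4.test(secret);
}

// Compare two independently generated secrets and the tokens for note id 0.
function compare(makeSecret) {
  const first = makeSecret();
  const second = makeSecret();
  return {
    sameSecret: first === second,
    sameToken: tokenFor(first, 0) === tokenFor(second, 0),
    passesGuard: isRandomSecret(first),
    looksLikeSource: first.includes('randomUUID'),
  };
}

console.log('vulnerable:', compare(makeSecretVulnerable));
console.log('fixed:     ', compare(makeSecretFixed));
```

The vulnerable secret is identical on any machine running the same Node.js build, which is why running the provided docker image is enough to reproduce the token.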
We were given a binary file and libc file. Using Ghidra, we can see the decompiled code.
There is a buffer overflow bug. We just need to leak the base address, and then ROP the binary to the execve address (which we found with the help of one_gadget).
Below is the full solution
Flag: dice{0ur_f16h7_70_b347_p3rf3c7_blu3_5h4ll_c0n71nu3}
We were given a wasm file which is an app similar to wordle. We need to find the correct words (there are 6 words in total). We can compile the wasm file into a binary, and open it with Ghidra.
After reading the decompiled code, there are 5 functions in the wasm: validate_1, validate_2, validate_3, validate_5, validate_6. Each function is used to validate one word. Below is the source code
From the above code, we know that the first word is dice{
From the above code, we know that the second word is F!3lD
From the above code, we can easily brute-force to find the correct word. Result is d0Nu7
From the above image, we can see the implementation of validate_4. Below is the JavaScript method that is used to validate the fourth word.
The simplified pseudocode version is below
Deduction from the function:
To get the fourth word, I tried, one by one, all fields in the Window object whose names are 5 characters long. After some brute-forcing, I found that the correct field is cwrap, which is our fourth word.
We can see that the fifth word is m@x!M
With some brute-forcing, we found that the sixth word is T$r3}.
Finally, having recovered all the words, we just concatenate them and submit the result as the flag.
Flag: dice{F!3lDd0Nu7cwrapm@x!MT$r3}
We were given this file
Reading the code, is small enough, so that we can easily factor it (with factordb). After we retrieve and , we found out that , which means there exist multiple solutions to the RSA equation.
However, is small enough, where we can easily find the of the . After retrieving the possible solutions, we just need to check which one contains dice{ in it. Below is the solution.
Flag: dice{cado-and-sage-say-hello}