creator: zomgwtfbbqWhat another coding tournament?
slots: (3/10)
status: open
winner: 2500 karma points + coding award + exclusive membership!
second: 1250 karma points
third: 500 karma points
finished: 250 karma points
stats: tournament statistics
I'm feeling a little creative atm, just came up with a new idea for a tournament so I thought let's get it on with.:cool:
Anyway, your job is to code a program that extracts a password from a random archive with random content in it.
It's similar to a hack challenge I coded in the past for HBH which was probably rejected(I never got an answer from system_meltdown) however this one is going to be a lot tougher as there will be loads of random things, which makes it more challenging to hack..
As usual the one that hacks the code in the least amount of time wins.:birthday:
Here's the challenge I submitted to HBH, however it has been recoded entirely...
Like the former coding challenge it's mandatory to code your program before starting on the tournament, or simply put...you'll loose.:nopompom:
It's not allowed to visit the challenge from your browser or you'll be disqualified, the hints in this post should be enough to beat the challenge within a timespan of 15 seconds.
From this point on you need to code your program, don't visit any of the specified pages, and be nice to your mum, k?
STEP 1:
Visit the forum, grab the bb cookies(at least SMFCookie) and try to login using cUrl or anything similar, if you get the output as if you were logged in, you can move on to the next step.
STEP 2:
Make a connection with the key providing page, [ don't visit it with your browser! ]:
http://www.tools-and-design.com/hack/Challenges/fuxor/key/4
You should get a HTML response similar to:
[..html head and body..]
<ul>
<li><a href="./challenge/yourusername1.zip">document</a></li>
<li><a href="./challenge/yourusername2.zip">document</a></li>
<li><a href="./challenge/yourusername3.zip">document</a></li>
</ul>
[..rest of html..]
IMPORTANT: The directory 'challenge' doesn't exist so don't even try, it has some other name.. you should code something that extracts the links and find out for yourself.:cool:
The interesting thing is that only one of the files exists, so if in my case:
./challenge/zomgwtfbbq1.zipdoesn't exist I'd try the other two files, the file location.
So a direct url to where you need to download the zip file from would look something like:
http://www.tools-and-design.com/hack/Challenges/fuxor/???/yourusername1.zip
STEP 3:
Now open up the zip file (using e.g. PHP's zip functions).
In the archive there are three files, which can be found in the directory called dir, all three contain a password however only one is valid.
Well how do you know which one is valid as you practically only have one shot..?
Pretty easy, it's a base64 encoded string, the other two have repetitive text patterns.
STEP 4:
Ofcourse you need to decode the base64 encoded string afterwards, to get the answer.
STEP 5:
Send the answer using the form below (if u don't see it, you'll do when you join the compo).
| rank | username | start | disqualified | answer | finished | total time |
|---|---|---|---|---|---|---|
| 1 | zomgwtfbbq | 10-14 |  | axAb5j3I |  | 2(s) |
| 2 | lasQo | 04-03 | | 7g2xjKKY | | 3(s) |
| 3 | schatten | 11-23 | | W89KtgS3 | | 13(m)10(s) |
