NCS Competition 2021 Writeup
  • HHousen National Cyber Scholarship Competition 2021 Writeup
  • Forensics
    • FE02 - 100pts
    • FE03 - 100pts
    • FH01 - 500pts
    • FE04 - 100pts
    • FM01 - 250pts
    • FM02 - 250pts
    • FM03 - 250pts
    • FE01 - 100pts
  • Crypto
    • CM01 - 250pts
    • CM02 - 250pts
    • CX01 - 1000pts
    • CH01 - 500pts
    • CH02 - 500pts
  • Binary
    • BM01 - 250pts
    • BM02 - 250pts
    • BM03 - 250pts
    • BX01 - 1000pts
    • BX02 - 100pts
    • BE01 - 100pts
    • BE02 - 100pts
    • BH01 - 500pts
  • Networking
    • NM01 - 250pts
    • NE01 - 100pts
  • Web
    • WX01 - 1000pts
    • WE01 - 100pts
    • WE02 - 100pts
    • WH01 - 500pts
    • WH02 - 500pts
    • WM01 - 250pts
    • WM02 - 250pts
    • WM03 - 250pts
    • WM04 - 250pts
    • WM05 - 250pts
  • Challenge Name
Powered by GitBook
On this page
  • Briefing
  • Solution
  • Flag

Was this helpful?

Edit on Git
  1. Networking

NM01 - 250pts

PreviousNetworkingNextNE01 - 100pts

Last updated 4 years ago

Was this helpful?

Briefing

Retrieve output from network endpoint at cfta-nm01.allyourbases.co port 8017 and figure out how to get the flag.

Solution

  1. Let's connect to the service using netcat and see what we're dealing with:

     $ nc cfta-nm01.allyourbases.co 8017
     \x47\x4A\x52\x57\x5A\x44
     a
     Incorrect
  2. It seems to output some hexadecimal. Let's try again and input the ascii representation:

     $ nc cfta-nm01.allyourbases.co 8017
     \x55\x45\x57\x45\x4F\x4B
     UEWEOK
     Too slow!
  3. Okay, we need to do it faster. So, let's write a script that connects, converts the hexadecimal to ascii, submits the ascii representation, and then hopefully get the flag.

  4. uses pwntools to do just that. Running the script produces the following output:

     [+] Opening connection to cfta-nm01.allyourbases.co on port 8017: Done
     Decoded String: YXDKJZ
     [*] Switching to interactive mode
     Correct! - Flag: o[hex]=>i[ascii]=:)
     [*] Got EOF while reading in interactive
     [*] Closed connection to cfta-nm01.allyourbases.co port 8017
     [*] Got EOF while sending in interactive

Flag

o[hex]=>i[ascii]=:)

script.py