Lenore Blum

This is a writeup of the crypto challenge Lenore Blum from the CyberHeroines (https://cyberheroines.ctfd.io/) CTF.

Level: Medium, Score: 300

Premise

Lenore Carol Blum (née Epstein born December 18, 1942) is an American computer scientist and mathematician who has made contributions to the theories of real number computation, cryptography, and pseudorandom number generation. She was a distinguished career professor of computer science at Carnegie Mellon University until 2019 and is currently a professor in residence at the University of California, Berkeley. She is also known for her efforts to increase diversity in mathematics and computer science. - Wikipedia Entry

Chal: Connect to 0.cloud.chals.io 28827 and return the flag to the computational mathematics professor from this random talk

Author: Robbie

Challenge files:

chal.bin

Observations

For this challenge, I strongly recommend looking at the official writeup, since it actually explains how the challenge works and how it likely “should” be solved.

In the challenge, we have a numbers game, where we’re given a seed and asked to predict the number that the seed will generate.

If you like finding exploits through the following method:

Funny

You’ve come to the right place

Solution

What I discovered was that, as the game runs, if you spam it enough times, you’ll get duplicate seeds.

Since the challenge prints out what the expected result of a seed was, we can use this to our advantage: we just need to keep spamming until we find a seed appearing twice, as shown here.

Spam Poc

This was done while running the file locally, so we can attempt to recreate this “solution” on the live instance, as seen here:

Spam flag

Giving us our flag:

chctf{cr3at0r_0f_d0main_n4m3_syst3m}
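Why the repeated seeds matter to anyone building a service like this, as an added example (not the challenge's code or a script from this writeup): a local simulation that measures how many rounds pass before a seed whose answer was already printed comes up again. The generator stand-in, the seed-space sizes and the uniform seed draw are all assumptions, since the writeup does not describe the binary's internals.

```python
import hashlib
import math
import random


def expected_output(seed: int) -> int:
    """Stand-in for the binary's generator (assumption): any deterministic map works."""
    digest = hashlib.sha256(seed.to_bytes(8, "big")).digest()
    return int.from_bytes(digest[:4], "big")


def rounds_until_known_seed(seed_space: int, rng: random.Random,
                            max_rounds: int = 10**6) -> tuple[int, bool]:
    """Play locally, recording every (seed, answer) pair the game reveals.

    Returns (round of the first repeated seed, whether the recorded answer
    was still correct), or (max_rounds, False) if no seed repeated in time.
    """
    seen: dict[int, int] = {}
    for round_no in range(1, max_rounds + 1):
        seed = rng.randrange(seed_space)      # service shows a seed (assumed uniform)
        if seed in seen:                      # repeat: its answer was already disclosed
            return round_no, seen[seed] == expected_output(seed)
        seen[seed] = expected_output(seed)    # after a miss the service prints the answer
    return max_rounds, False


def mean_rounds(seed_space: int, trials: int = 200, rng_seed: int = 1) -> float:
    """Average number of rounds before a previously revealed seed reappears."""
    rng = random.Random(rng_seed)
    total = sum(rounds_until_known_seed(seed_space, rng)[0] for _ in range(trials))
    return total / trials


if __name__ == "__main__":
    # Constructed seed-space sizes; the real one is not stated in the writeup.
    for bits in (8, 12, 16, 20):
        n = 1 << bits
        birthday = math.sqrt(math.pi * n / 2)  # birthday-bound estimate
        print(f"{bits:2d}-bit seeds: measured {mean_rounds(n):8.1f} rounds, "
              f"estimate {birthday:8.1f}")
```

The repeat arrives after roughly the square root of the seed-space size, so a game that both prints the correct answer and draws from a small or poorly seeded space gives away a win regardless of how strong the generator is.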

To wrap things up, I will express myself through this meme:

ifitworksitworks

Tools used:

  • netcat
  • spamming
This post is licensed under CC BY 4.0 by the author.