writeups

CSAW CTF - 25 - Coinslot - Misc

noraj (Alexandre ZANNI)
, , ,
🇬🇧

Information#

Version#

By Version Comment
noraj 1.0 Creation

CTF#

  • Name : CSAW CTF Qualification Round 2016
  • Website : https://ctf.csaw.io/
  • Type : Online
  • Format : Jeopardy
  • CTF Time : link

Description#

#Hope #Change #Obama2008

nc misc.chal.csaw.io 8000

Solution#

The problem here is to split up a sum of money into its equivalent in bills and coins (minimum).

Here we have to script again:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
#!/usr/bin/env python2

import socket
import re
from time import sleep
from decimal import *


total = 0

def recvuntil(s, pattern, tryouts):
    data = ""
    for i in range(tryouts):
        # sleep(1)
        data += s.recv(9999)
        if pattern in data:
            return data
    return data

def calc(bills):
    global total
    times = Decimal(str(total)) / Decimal(str(bills))
    if times >= 1:
        total = Decimal(str(total)) - Decimal(str(int(times))) * Decimal(str(bills))
    return int(times)

def main():
    global total
    url = "misc.chal.csaw.io"
    port = 8000
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((url, port))
    while True:
        task = recvuntil(s, "$10,000 bills:", 10)
        print(task)
        total = re.findall("\$(.*)\s+\$10,000 bills:", task)
        if len(total) == 0:
            print(task)
            sleep(10)
        else:
            # print(total[0])
            total = Decimal(str(total[0]))

            # $10,000 bills:
            to_send = str(calc(10000))
            s.sendall(to_send + "\n")
            print(to_send)

            # $5,000 bills:
            task = recvuntil(s, "$5,000 bills:", 10)
            print(task)
            to_send = str(calc(5000))
            s.sendall(to_send + "\n")
            print(to_send)

            # $1,000 bills:
            task = recvuntil(s, "$1,000 bills:", 10)
            print(task)
            to_send = str(calc(1000))
            s.sendall(to_send + "\n")
            print(to_send)

            # $500 bills:
            task = recvuntil(s, "$500 bills:", 10)
            print(task)
            to_send = str(calc(500))
            s.sendall(to_send + "\n")
            print(to_send)

            # $100 bills:
            task = recvuntil(s, "$100 bills:", 10)
            print(task)
            to_send = str(calc(100))
            s.sendall(to_send + "\n")
            print(to_send)

            # $50 bills:
            task = recvuntil(s, "$50 bills:", 10)
            print(task)
            to_send = str(calc(50))
            s.sendall(to_send + "\n")
            print(to_send)

            # $20 bills:
            task = recvuntil(s, "$20 bills:", 10)
            print(task)
            to_send = str(calc(20))
            s.sendall(to_send + "\n")
            print(to_send)

            # $10 bills:
            task = recvuntil(s, "$10 bills:", 10)
            print(task)
            to_send = str(calc(10))
            s.sendall(to_send + "\n")
            print(to_send)

            # $5 bills:
            task = recvuntil(s, "$5 bills:", 10)
            print(task)
            to_send = str(calc(5))
            s.sendall(to_send + "\n")
            print(to_send)

            # $1 bills:
            task = recvuntil(s, "$1 bills:", 10)
            print(task)
            to_send = str(calc(1))
            s.sendall(to_send + "\n")
            print(to_send)

            # half-dollars (50c):
            task = recvuntil(s, "half-dollars (50c):", 10)
            print(task)
            to_send = str(calc(0.50))
            s.sendall(to_send + "\n")
            print(to_send)

            # quarters (25c):
            task = recvuntil(s, "quarters (25c):", 10)
            print(task)
            to_send = str(calc(0.25))
            s.sendall(to_send + "\n")
            print(to_send)

            # dimes (10c):
            task = recvuntil(s, "dimes (10c):", 10)
            print(task)
            to_send = str(calc(0.10))
            s.sendall(to_send + "\n")
            print(to_send)

            # nickels (5c):
            task = recvuntil(s, "nickels (5c):", 10)
            print(task)
            to_send = str(calc(0.05))
            s.sendall(to_send + "\n")
            print(to_send)

            # pennies (1c):
            task = recvuntil(s, "pennies (1c):", 10)
            print(task)
            to_send = str(calc(0.01))
            s.sendall(to_send + "\n")
            print(to_send)

main()

Oh yeah this script is dirty and can be a lot more functional but you know in CTF all is a matter of time...

Proof of flag:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
$22479.22
$10,000 bills:
2
$5,000 bills:
0
$1,000 bills:
2
$500 bills:
0
$100 bills:
4
$50 bills:
1
$20 bills:
1
$10 bills:
0
$5 bills:
1
$1 bills:
4
half-dollars (50c):
0
quarters (25c):
0
dimes (10c):
2
nickels (5c):
0
pennies (1c):
2
correct!
flag{started-from-the-bottom-now-my-whole-team-fucking-here}
Share