OpenCTF 2015 - absence (scripting,misc 200) Writeup
Hint:
absence 200 --- What you see is what you get - 172.16.18.20/absence-df4268407e6b95d11388f81da1468978
The absence challenge started with a C file that on first examination is simple. The source code is:
1 #include <stdio.h> 2 3 void one(char k) 4 { 5 unsigned int i, bytes[]={0x0a,0x5d,0x2c,0x0b,0x37,0x38,0x04,0x05,0x1f,0x4c,0x05,0x1f,0x4c,0x02,0x03,0x18,0x4c,0x18,0x04,0x09,0x4c,0x0f,0x03,0x08,0x09,0x4c,0x15,0x03,0x19,0x4b,0x1e,0x09,0x4c}; 6 7 for(i=0; i<32; i++) 8 printf("%c",(char)bytes[i]^k); 9 printf("\n"); 10 } 11 12 13 char two(char c) 14 { 15 return (c^0x32)-7; 16 } 17 18 19 void main(int argc, char** argv) 20 { 21 one(two('A')); 22 }
The provided C file has a bunch of trailing whitespace characters.
1 #include␠<stdio.h>␠␠␠␠␉␠␠␠␠␠↵ 2 ␉↵ 3 void␠one(char␠k)␠␠␠␉␉␠␉␉␠␠↵ 4 {␉↵ 5 ␠␠unsigned␠int␠i,␠bytes[]={0x0a,0x5d,0x2c,0x0b,0x37,0x38,0x04,0x05,0x1f,0x4c,0x05,0x1f,0x4c,0x02,0x03,0x18,0x4c,0x18,0x04,0x09,0x4c,0x0f,0x03,0x08,0x09,0x4c,0x15,0x03,0x19,0x4b,0x1e,0x09,0x4c};␉␉␠␉␉␉␉↵ 6 ␉↵ 7 ␠␠for(i=0;␠i<32;␠i++)␠␉␉␠␠␠␠↵ 8 ␉printf("%c",(char)bytes[i]^k);↵ 9 ␠␠printf("\n");␠␠␠␉␉␠␉␠␉␉↵ 10 }␉↵ 11 ␠␠␠␠␠␉␉␠␉␠␠␉↵ 12 ␉↵ 13 char␠two(char␠c)␠␠␠␉␉␠␉␉␉␠↵ 14 {␉↵ 15 ␠␠return␠(c^0x32)-7;␠␠␉␠␉␉␠␉↵ 16 }␉↵ 17 ␠␠␠␠␠␉␉␠␠␉␉␠↵ 18 ␉↵ 19 void␠main(int␠argc,␠char**␠argv)␠␠␉␉␠␉␉␉␉↵ 20 {␉↵ 21 ␠␠one(two('A'));␠␠␠␉␠␉␉␉␠␉↵ 22 }␉↵ 23 ␠␠↵ 24 ↵ 25 ↵ 26 ↵
Running the program gives:
f1@g[This is not the code you're
Extracting the trailing white space characters with:
cat absence-df4268407e6b95d11388f81da1468978 | sed -E "s/[^[:space:]]//g" > whitespaces.txt
Yields the following file with whitespace only.
␠␠␠␠␠␉␠␠␠␠␠↵ ␉↵ ␠␠␠␠␠␉␉␠␉␉␠␠↵ ␉↵ ␠␠␠␠␠␉␉␠␉␉␉␉↵ ␉↵ ␠␠␠␠␠␉␉␠␠␠␠↵ ␉↵ ␠␠␠␠␠␉␉␠␉␠␉␉↵ ␉↵ ␠␠␠␠␠␉␉␠␉␠␠␉↵ ␉↵ ␠␠␠␠␠␉␉␠␉␉␉␠↵ ␉↵ ␠␠␠␠␠␉␠␉␉␠␉↵ ␉↵ ␠␠␠␠␠␉␉␠␠␉␉␠↵ ␉↵ ␠␠␠␠␠␠␉␉␠␉␉␉␉↵ ␉↵ ␠␠␠␠␠␉␠␉␉␉␠␉↵ ␉↵ ␠␠↵ ↵ ↵ ↵
Executing that whitespace using the WS2JS interpreter yields:
lo0kin-fo]
The flag: This is not the code you're lo0kin-fo
Thanks to tecknicaltom for his insights.
Javantea - 396
tecknicaltom - 391
CryptoMonkey - 283
coldwaterq - 264
Commod0re - 254