Some CTF writeups
Whether it's ancient Greek politics or cryptography, oracles make life a lot easier. Except that you don't have one. And this isn't about cryptography either. You can start a local version of the challenge on your own system by starting server.py. Once you know how to solve it, connect to our service via TCP at oracle-impostor.cscg.live:1024.
We're given the source code of the application. To get the flag, we need to somehow guess a random string of 128 characters.
At the start of the `handle_connection` function, we see this:

```python
# who even needs buffering?
sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 0)
sock.setsockopt(socket.SOL_TCP, socket.TCP_NODELAY, 1)
```
And we can also see the timeout:
The idea is rather simple: we read until we get our secret, then disable our internet for 10 seconds so that the timeout handler hits. The server doesn't generate a new secret in that case, because it only generates a new secret after sending the `If you're the real oracle, then try again.` string. So if we get into the timeout handler before that, we can reuse the same secret.
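The ordering flaw described above, modelled next to a hardened ordering. This is an added example, not the challenge's `server.py`: `FlakyTransport`, `Session`, `replay_succeeds`, the reveal message text and the behaviour of the timeout handler (the session keeps running) are assumptions made for illustration.

```python
import secrets
import socket

class FlakyTransport:
    """Constructed stand-in for a socket: send() times out on chosen calls."""
    def __init__(self, fail_on):
        self.fail_on, self.calls, self.sent = set(fail_on), 0, []

    def send(self, data):
        self.calls += 1
        if self.calls in self.fail_on:
            raise socket.timeout("send stalled")
        self.sent.append(data)

class Session:
    def __init__(self, transport, rotate_first):
        self.t, self.rotate_first = transport, rotate_first
        self.secret = secrets.token_hex(64)  # 128 characters, as in the writeup

    def guess(self, value):
        """Handle one guess; True if it matches the current secret."""
        if secrets.compare_digest(value, self.secret):
            return True
        revealed = self.secret
        try:
            if self.rotate_first:
                # Hardened: the old secret is invalid before it is disclosed.
                self.secret = secrets.token_hex(64)
            self.t.send(f"The secret was {revealed}\n")  # constructed message
            self.t.send("If you're the real oracle, then try again.\n")
            if not self.rotate_first:
                # Flawed ordering: rotation only happens if both sends succeed.
                self.secret = secrets.token_hex(64)
        except socket.timeout:
            pass  # assumed timeout handler: the session simply continues
        return False

def replay_succeeds(rotate_first, fail_on=(2,)):
    """Does a secret disclosed in one round still validate in the next?"""
    t = FlakyTransport(fail_on)  # by default the second send stalls
    s = Session(t, rotate_first)
    s.guess("wrong")
    leaked = t.sent[0].split()[-1]
    return s.guess(leaked)
```

The fix is to make invalidation of the old secret independent of any later I/O succeeding: rotate before disclosure, or rotate in every exit path including the timeout handler.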
For this I used clumsy, because I remembered such a tool that slowed down the connection, dropped packets and lagged packets.
If we add some lag to the packets and observe the connection using Wireshark, we can drop all packets for 10 seconds after receiving our secret. If we then send the secret, we get our flag: