Kabinet's GitBook
  • 🚩Kabinet CTF's Writeups
  • Page
  • 2025
    • Thuderdome
      • Emerge through the breach
      • Pulled from the sky
      • An absent defense
      • A new wave (web of deceit)
      • Crossing the great divide
      • Joining forces as one
      • Infiltrate (open the gate)
      • Jaeger
      • Victory
  • 2024
    • GreyCTF 2024
      • Markdown Parser
      • Fearless Concurrency
      • GreyCTF Survey
      • Baby Web
      • Beautiful Styles
      • All About Timing
      • Poly Playground
    • TetCTF 2024
      • Hello from API GW
      • Microservices
  • 2023
    • BSidesSF Cloud Village CTF
      • Tony Tony Tony
      • Plain Sight
      • A Suit of Armor Around The World
      • Sharing is Caring + Sequel
      • Photo Drive
    • DART CTF
      • Flag 1
      • Flag 2
      • Flag 3
      • Flag 4
      • Flag 5
      • Flag 6
      • Flag 7
      • Flag 8
      • Flag 9
      • Flag 10
    • EKS Cluster Games
    • Big IAM Challenge
  • 2022
    • Stack The Flag
      • Secret of Meow Olympurr
  • Authored
    • Cyber League 2025 Major 1
      • Perfect Storage
      • catalog commits
      • pawtainer hub
    • Lag and Crash 2023
      • Managed Secrets
      • Pickle Rick
      • Cloudy with a chance of meatball
    • NYP InfoSec December CTF 2022
      • Super Secure Technology Infrastructure
      • Self Introduction
      • Aww Cuter Cat
      • Obligatory Calc
      • BreadSecurity
  • NYP InfoSec Introduction to Pentesting Workshop
Powered by GitBook
On this page
  • Description
  • Code Analysis
  • Exploit

Was this helpful?

  1. 2024
  2. GreyCTF 2024

All About Timing

Description

I'm always late for class but my prof told me that time is relative Comment Suggest edit

Author: jloh02

nc challs.nusgreyhats.org 31111

https://storage.googleapis.com/greyctf-challs/dist-All-About-Timing.zip

Code Analysis

import time
import random

random.seed(int(time.time()))

print("Guess the number I'm thinking of? It's all about the timing")
x = input("Your guess:")

n = random.randint(1000000000000000, 10000000000000000-1)

if int(x) == n:
    with open("flag.txt") as f:
        print(f.readline())
else: 
    print(f"Wrong answer! The number I was thinking of was {n}\nRemember it's all about the timing!")

The code generated a random integer, using the time as seed

Exploit

As python random is pseudo random, with the same seed, we are able to generate the same number each time.

I wrote a simple solve script using pwntools.

import time
import random
from pwn import *


host = "challs2.nusgreyhats.org" 
port = 31111

conn = remote(host,port)

random.seed(int(time.time()))
n = random.randint(1000000000000000, 10000000000000000-1)
q = conn.recvuntil(b'Your guess:')
conn.sendline(str(n).encode())
flag = conn.recvuntil(b"}\n")
print(flag)
conn.close()

Flag: grey{t1m3_i5_a_s0c1al_coNstRucT}

PreviousBeautiful StylesNextPoly Playground

Last updated 1 year ago

Was this helpful?