CTF Challenge by SayCure solution
CTF Solutions Write-ups

Find The Hash – SayCure CTF Challenge Solution

Ijaz Ur Rahim0

In recent articles, I solved some CTF Challenges Solution and got a Good Response. Therefore I am here to write another CTF Challenge Solution “Find the Hash” which was also organized by @SayCureIO. Some of my Friends already posted the solution of this challenge on SayCure Blog but I will try to explain it my own words I mean how I solved it. Let’s get Started.

Overview:

Click on the selected one to read a recent article about CTF Challenge.

Challenge:

"Well, here is your flag. But do me a favor. Feed me the correct flag."
SayCure{You_HASHED_the_XXXX}
XXXX = [A-Z]
Sha-256 of the flag is "47D953330BF06E10CE7CD0707FF673F0C73561A8E422048ED8FFD2B38F99ACBA"

Understanding the Challenge:

It is clear from the above Challenge that they want us to find the 4 characters when inserted in the above Flag makes the given hash. At first, I was Stuck and thought the Hash is made from that 4 Characters, so I made a Script that makes that 4 characters, Encode it to Sha-256 Hash and then compare it with the given Hash but failed to find that 4 Characters. I then Tried to get all possible 4 Characters, put that in the Flag but still failed to find.

Find the Hash:

I was thinking about why I am unable to find the hash? I was wondering why? Then suddenly the Hash once again caught my attention and I saw that the alphabets of the given Hash were all in Upper Case. So, without wasting more time, I configured my Script and after some time I was able to find the Flag.

Code:

import itertools
import hashlib
def foo(l):
     yield from itertools.product(*([l] * 4)) 

for x in foo('ABCDEFGHIJKLMNOPQRSTUVWXYZ'):
     
    hash_object = hashlib.sha256(("SayCure{You_HASHED_the_"+str("".join(x))+"}").encode("utf-8"))
    hex_dig = hash_object.hexdigest()
    if hex_dig.upper() == "47D953330BF06E10CE7CD0707FF673F0C73561A8E422048ED8FFD2B38F99ACBA":
        print("Found: ","SayCure{You_HASHED_the_"+str("".join(x))+"}")
        break
    else:
        print("Trying.......","SayCure{You_HASHED_the_"+str("".join(x))+"}")

Output:

Trying....... SayCure{You_HASHED_the_AAAA}
Trying....... SayCure{You_HASHED_the_AAAB}
Trying....... SayCure{You_HASHED_the_AAAC}
......
Trying....... SayCure{You_HASHED_the_GLAD}
Trying....... SayCure{You_HASHED_the_GLAE}
Found: SayCure{You_HASHED_the_GLAF}

Flag:

Find the Hash CTF FLAG
Find the Hash – CTF FLAG

So that was another CTF challenge solution. See you soon with another writeup 🙂

Ijaz Ur Rahim
Just a Newbie with some Random Penetrating and Programming Skills.
https://github.com/MrDebugger

Related Articles

Manjaro Linux
Write-ups

Manjaro Linux – A Linux Distro For Newbies

Ijlal Haider

Manjaro Linux is one of the famous Linux distributions present in the Linux world alongside big names such as Arch, Ubuntu, Fedora, and Debian. According to DistroWatch, Manjaro has the most searches beating Linux Mint and Ubuntu. Manjaro is famous for being a Stable, Speed, Vast repositories and Beginner-friendly distributions. Manjaro Linux is based on […]

Introduction To Web: How internet works
Web Development Write-ups

Introduction to Web: How does the Internet Work?

Shehriar Ahmad

We’ve covered a little about Web development so far. But all we’ve discussed was a little bit high level for those who don’t know much about the internet. In our web development series, you must be surprised and maybe a little bit worried about seeing this title. So first lemme clear that you don’t need […]

Bing
Write-ups

Open Url Redirection Vulnerability in Bing

Salman Arif

Bing is a 2nd world most used search engine besides Google. It is owned by the tech giant Microsoft. It’s a great place to find news and other stuff. So for a website, bing is an important source of traffic. That’s why I was working on SEO for my website at bing.com.  But found an […]