April 14, 2022
UmdCTF 2022 Blockchain 1 - Hashcash
For this challenge we were given a tcp endpoint which used hashcash to prevent spam
Basic Information
The server provides us with some information about the hashcash configuration
ver = 1
leading zero bits = 20
date format YYMMDD
The construction of a hashcash header looks like this:
VER:LEADING_ZERO_BITS:DATE:RESOURCE::RAND:COUNTER
In our situation we probably want to send an email to the service admin, Gary so we can derive our header must look something like this
1:20:220307:[email protected]::RAND:COUNTER
Being Lazy
Now, implementing hashcash is very easy, but I am quite lazy, so I decided to take some existing code from github and to apply a few changes for our challenge
12a13
> import base64
71c72
< date_str = datetime.utcnow().strftime("%Y%m%d%H%M%S")
---
> date_str = datetime.utcnow().strftime("%y%m%d")
73c74
< rand = ''.join(rand_chars[randint(0, rc_len-1)] for x in range(0, 10))
---
> rand = base64.b64encode(bytes(''.join(rand_chars[randint(0, rc_len-1)] for x in range(0, 10)), 'ascii')).decode("utf-8")
78c79
< stamp = ":".join(str(elem) for elem in [ver, bits, date_str, resource, ext, rand, counter])
---
> stamp = ":".join(str(elem) for elem in [ver, bits, date_str, resource, ext, rand, base64.b64encode(bytes(str(counter), 'ascii')).decode("utf-8")])
This allows us to generate the header and retrieve the flag I assume that due to this challenge trying to be a buildup for the second Blockchain challenge it was designed to be this simple
Flag
UMDCTF{[email protected][email protected]_0f_pr00f_0f_w0rk}