FLAG HTB rlotto free flag
by dagger11 - May 23, 2021 at 01:18 PM
#1
its a very easy flag, you just have to guess the seed, which is the current time

here is the flag.
HTB{n3v3r_u53_pr3d1c74bl3_533d5_1n_p53ud0-r4nd0m_numb3r_63n3r470r}

good luck my dudes
#2
A write up could be nice to earn some reputation points! :D
#3
(May 24, 2021 at 12:56 PM)siracuso Wrote: A write up could be nice to earn some reputation points! :D
hey!
bro i have script for rlotto if you want pm me
#4
(May 24, 2021 at 12:56 PM)siracuso Wrote: A write up could be nice to earn some reputation points! :D

the script uses the current time as the seed to generate those numbers.
If your system time and the time on the challenge box are the same, you can just run the script locally at the same time as you're connecting to the remote and they should generate the same numbers.

Alternatively you can just take the current time and just generate seeds for the past 10 seconds or so. then all you have to do is look through all generated numbers and see which ones are the same as the ones returned by the remote
#5
(May 24, 2021 at 01:50 PM)z3uz Wrote:
(May 24, 2021 at 12:56 PM)siracuso Wrote: A write up could be nice to earn some reputation points! :D

the script uses the current time as the seed to generate those numbers.
If your system time and the time on the challenge box are the same, you can just run the script locally at the same time as you're connecting to the remote and they should generate the same numbers.

Alternatively you can just take the current time and just generate seeds for the past 10 seconds or so. then all you have to do is look through all generated numbers and see which ones are the same as the ones returned by the remote

Or just connect to both docker and local server at the same time
#6
(May 24, 2021 at 01:56 PM)apokally Wrote:
(May 24, 2021 at 01:50 PM)z3uz Wrote:
(May 24, 2021 at 12:56 PM)siracuso Wrote: A write up could be nice to earn some reputation points! :D

the script uses the current time as the seed to generate those numbers.
If your system time and the time on the challenge box are the same, you can just run the script locally at the same time as you're connecting to the remote and they should generate the same numbers.

Alternatively you can just take the current time and just generate seeds for the past 10 seconds or so. then all you have to do is look through all generated numbers and see which ones are the same as the ones returned by the remote

Or just connect to both docker and local server at the same time
correct
#7
(May 24, 2021 at 12:56 PM)siracuso Wrote: A write up could be nice to earn some reputation points! :D

Well I did not want to share the script because of how fucking bad it is. I'm really sorry for not putting it up in the previous post but here's the python script:
import time
import random

seed = int(time.time())
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)

seed=seed+1
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)

seed=seed+1
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)

seed=seed+1
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)

seed=seed+1
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)

seed=seed+1
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)

You have to run this python script first and then immediately connect to the server via netcat.

once you get the matching pairs of numbers (first two). note down the seed and simply run another python script:
import random
seed= #the seed with mathing pairs
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
the last five digits would be your answer, submitting to which leads to your flag!
p.s: my VM's time zone was set to Time zone: Europe/London (BST, +0100)
#8
(May 24, 2021 at 07:11 PM)dagger11 Wrote:
(May 24, 2021 at 12:56 PM)siracuso Wrote: A write up could be nice to earn some reputation points! :D

Well I did not want to share the script because of how fucking bad it is. I'm really sorry for not putting it up in the previous post but here's the python script:
import time
import random

seed = int(time.time())
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)

seed=seed+1
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)

seed=seed+1
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)

seed=seed+1
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)

seed=seed+1
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)

seed=seed+1
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)

You have to run this python script first and then immediately connect to the server via netcat.

once you get the matching pairs of numbers (first two). note down the seed and simply run another python script:
import random
seed= #the seed with mathing pairs
print(seed)
random.seed(seed)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
x = random.randint(1, 90)
print(x)
the last five digits would be your answer, submitting to which leads to your flag!
p.s: my VM's time zone was set to Time zone: Europe/London (BST, +0100)

i mostly copied the original script lol
here's mine, it prints the past and next 5 seeds and their results, you can then enter the first number the remote gives you back and it'll only print the relevant one again

import time
import random
outputs = []

print("START THIS AT THE SAME TIME YOU'RE CONNECTING, YOU'VE GOT A ~5 SECOND WINDOW")

for seed in range(int(time.time()-5),int(time.time()+5)):
while True:
extracted = []
next_five = []

# Initialize the (pseudo)random number generator
random.seed(seed)

# First extraction
while len(extracted) < 5:
r = random.randint(1, 90)
if(r not in extracted):
extracted.append(str(r))

# Next extraction
solution = ""
while len(next_five) < 5:
r = random.randint(1, 90)
if(r not in next_five):
next_five.append(str(r))
solution += str(r) + " "
solution = solution.strip()
break

print(f"{seed}\t{extracted} {next_five}")
outputs.append(" ".join(extracted) + "," + " ".join(next_five))

first = int(input("ENTER FIRST NUMBER >"))

for i in outputs:
if int(i.split(" ")[0]) == first: print(i)
#9
hi All,

Let me check it as well...

Possibly Related Threads…
Thread Author Replies Views Last Post
FLAG [FREE] RACECAR FLAG HTB hacker1dd 6 2,480 August 28, 2021 at 10:33 AM
Last Post: siracuso
FLAG Free Flag of Retiring Challenges intotheunknown 2 1,227 July 20, 2021 at 09:46 PM
Last Post: htbplayer
FLAG Factory HTB (Hardware challenge) Free Flag La Lisa 0 1,018 July 12, 2021 at 02:42 PM
Last Post: La Lisa

 Users browsing this thread: 1 Guest(s)