c0w5lip's blog

Write Up - CTF After Dark Winter 2023: Jester

Informations

CTF: CTF After Dark Winter 2023 Author: Jerry

Challenge

Let’s start with some addition: What is 7381 + 8074 ? Oh yeah, I think I forgot to mention. As an extra bonus to make sure you are learning, these numbers change every second :) Tee hee! Good luck keeping up!

(https://jester.acmcyber.com/)

We first encounter a page that ask us to compute an addition on random numbers in less than a second. We’ll obviously code a script that scrap the page, compute the addition, and send back the result in the submit.

We’ll use bs4 to scrap the two numbers, and requests to send the result.

By sending some text in the submit element, we can see that its sent as a part of the body of the HTTP request, throught a key named answer. So here’s the first part of the code:

from bs4 import BeautifulSoup
import requests

s = requests.Session()

addition = s.get("https://jester.acmcyber.com/").text
addition_soup = str(BeautifulSoup(addition, 'html.parser').find_all('p')[2]).split(" ")
a = int(addition_soup[2])
b = int(addition_soup[4])
answer = a + b

send_result = s.post("https://jester.acmcyber.com/validate", data={"answer":f"{answer}"}).text

Next, it seems that a second page ask us to solve a quadratic equation:

>>> print(send_result)
<!DOCTYPE html>

<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Jester</title>
</head>
<body>
    <h1>The Hardest Math Test that a Human will Ever Do, Part 2.</h1>
    <img src="/static/joker.jpg" width="500px">
    <p>How about a little quadratic formula? (Please round to the nearest integer.)</p>
    <p>What are the roots of 6 x^2 + 9678 x + 3058 ?</p>
    <form action="/validate" method="post">
        <input type="text" name="answer1">
        <input type="text" name="answer2">
        <input type="submit">
    </form>
    <p></p>
</body>
</html>

Solution :

from bs4 import BeautifulSoup
import requests
import math

s = requests.Session()

addition = s.get("https://jester.acmcyber.com/").text
addition_soup = str(BeautifulSoup(addition, 'html.parser').find_all('p')[2]).split(" ")
a = int(addition_soup[2])
b = int(addition_soup[4])
answer = a + b

quadratic = s.post("https://jester.acmcyber.com/validate", data={"answer":f"{answer}"}).text

quadratic_soup = str(BeautifulSoup(quadratic, 'html.parser').find_all('p')[1]).split(" ")
a = int(quadratic_soup[5])
b = int(quadratic_soup[8])
c = int(quadratic_soup[11])
delta = (b**2) - (4*a*c)
answer1 = round((-b-math.sqrt(delta))/(2*a))
answer2 = round((-b+math.sqrt(delta))/(2*a))

print(s.post("https://jester.acmcyber.com/validate", data={"answer1":f"{answer1}", "answer2":f"{answer2}"}).text)