Instantly share code, notes, and snippets.

# duckness/InsanityCheck-in.md

Last active March 13, 2022 04:19
Show Gist options
• Save duckness/2e2b3376e220ee6025d594d777f7b607 to your computer and use it in GitHub Desktop.
CTF.SG CTF 2022

Challenge: Insanity Check-in
Category: Sanity
Challenge-Author: Lord_Idiot
Description:

Before you begin the CTF, remember to check in! https://i.imgur.com/Re7SEcA.png

Solves: 11
Final-Points: 980

It's a QR code challenge so lets dump the QR code into QRazyBox and see what it does.

Clearly not the flag, lets play around with the other options in QRazyBox.

Woah! We almost got the flag already, the middle bit seems corrupted though. Lets try and fix up some of the middle bits that were blocked by the flag in the original QR code as we can just barely see the edges of what was covered up.

We still don't have the full flag, but now we can clearly tell that there is only 5 bits of missing information, we can just bruteforce the bits and use our eyes to pick the best looking solution (and if all else fails, bruteforce the flag submission! 👿)

```import binascii

# copied these functions from stackoverflow kek
def text_to_bits(text, encoding='utf-8', errors='surrogatepass'):
bits = bin(int(binascii.hexlify(text.encode(encoding, errors)), 16))[2:]
return bits.zfill(8 * ((len(bits) + 7) // 8))

def text_from_bits(bits, encoding='utf-8', errors='surrogatepass'):
n = int(bits, 2)
return int2bytes(n).decode(encoding, errors)

def int2bytes(i):
hex_string = '%x' % i
n = len(hex_string)
return binascii.unhexlify(hex_string.zfill(n + (n & 1)))

def int2bits(i):
return text_to_bits(int2bytes(i).decode('utf-8'))[3:]

s = '01000011010101000100011001010011010001110111101101000011011010000011001101100011011010110110??0?0?1?010000110001011011100010000101111101'

for i in range(32):
bits = int2bits(i)
s2 = s
for c in bits:
s2 = s2.replace('?',c,1)
print(text_from_bits(s2))```

output:

``````...
CTFSG{Ch3cke41n!}
CTFSG{Ch3cked1n!} <----- the flag
CTFSG{Ch3cket1n!}
...
``````