Skip to content

Instantly share code, notes, and snippets.

@sneaky-potato

sneaky-potato/pythonchallenge.md

Last active June 15, 2024 16:59
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save sneaky-potato/268fd0933e0c0f3194669ce9c34c2c48 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save sneaky-potato/268fd0933e0c0f3194669ce9c34c2c48 to your computer and use it in GitHub Desktop.
Download ZIP
Python Challenge
Raw
pythonchallenge.md

Python Challenge ·

I found about this while searching erratically for resources for my networks lab assignment. Unbeknownst to me, this deep labyrinth was waiting, waiting for my browser to craft an HTTP request for it.

Write up for Python Challenge

Warning

Do not read beyond this point if you've not solved the challenge yet. This gist contains the solutions and analysis of levels in the order I solved them.

Table of Contents
  1. Level 0
  2. Level 1
  3. Level 2
  4. Level 3
  5. Level 4
  6. Level 5
  7. Level 6
  8. Level 7 
    9.     <!-- <ul>
      <li><a href="#chromium-based-browsers">Chromium Based Browsers</a></li>
      <li><a href="#firefox">Firefox</a></li>
    </ul>
  </ul>
</li>
<li><a href="#usage">Usage</a></li>
<li><a href="#contact">Contact</a></li>
<li><a href="#acknowledgments">Acknowledgments</a></li>
<li><a href="#miscelleneous">Miscelleneous</a></li>     -->

Level 0

  • One can see 238 written on a computer screen
  • First instinct on reading the hint was to change the url to point to 1.html instead of 0.html
    • Since this is level 0, it makes perfect sense to go to next level in this way
  • 1.html said 238 is much larger
  • Being a lazy procrastinator, I proceeded to change the url to 238.html but the creator had another message for me there
  • Finally tried 274877906944.html (actual value of 238) to get to next level.

Level 1

  • Easy ceasar cipher level, increment every letter by 2
  • Apply on url to get to next level (ocr.html)

Level 2

  • Again easy one, had to just check the page source for suspicious characters
  • There are many different ways you can solve this one, I just printed the alphabets found in the ascii mess by looping once on it (equality.html)

Level 3

  • Figured that the next flag is of the form AAAaAAA (3 capitals surrounding a small on each side)
  • Tried some permutations like IIIiIII (picture showed candles so that's why the is)
  • Again checked page source as no other hint was provided
  • Filtered words of the form AAAaAAA from the ascii only to find there are so many.
  • Figured that AAAaAAA is a weak filter (allows four consecutive capitals on each side for instance), so I searched for words of the form aAAAaAAAa instead
  • Less results -> more promising
  • Tried some initial words like qIQNlQSLi.html, I then tried l.html (middle small letter, maybe means something) only to get more hope from the message on l.html
  • Took out middle letters from all the results and got the flag (linkedlist.html then linkedlist.php)

Level 4

  • Once again, I checked the page source to find a hint about urllib (good level in my opinion)
  • Found that the picture leads to a link with query paramter nothing=12345
  • Tried linkedlist.php?nothing=12345 to find the next nothing and within some tries I found that it is a really big graph (need to find the root of the tree, perhaps)
  • As suggested in the hint, I wrote a python script to make requests in a loop and output the nothings (last word of the response text) on the terminal
  • Considering 12345 as the first nothing, we arrive at a checkpoint at the 86th nothing 16044
    • Now, the hint here says Yes. Divide by two and keep going. and my python program takes the last word always
    • Setting the next nothing as going. also leads to a valid path (as we'll see) to the next checkpoint as well as following the hint and setting the next nothing as 16044 / 2 or 8022
  • At the 234th nothing 66831 we arrive at another checkpoint
  • Hint is peak.html, taking peak as a valid flag takes you to the next level, setting it as a nothing in the query parameter takes you further deep in the graph (didn't explore that side yet)

Level 5

  • Hint says to pronounce it (another good level)
  • First instinct was to change the url to point to peek.html
  • Checked page source to find a peakhell tag with src set to banner.p
  • Changing the url to banner.p takes you to another page with some gibberish on each line
  • The gibberish looked like a serialization on some data and peak hell sounds very similar to pickel (I took a lot of time at this step wondering what to do next)
  • So, I took the gibberish and passed it to a script unserializing the data with pickle
  • Unserialized data was a long list of tuples of the form (p: char, q: int) and there were just 2 characters used: space and # (p takes two values- ' ' and #)
  • Next intuitive step was to iterate through the list and for each tuple print the character p, q number of times
  • Got the flag channel.html

Level 6

  • Hint says to find zip
  • I downloaded the image, passed it to exiftool but got no information
  • Tried pants.html and zip.html but both hints say to look closer
  • Tried channel.zip and voila, we get a zip file
  • It contains many txt files with one readme that says start with 90052 and the answer is in the zip
  • So, I wrote a similar code used before to iterate through these text files where the next file is given in the current file
  • Iterate till I found 46145.txt which says to collect the comments
  • I looked up the internet and found we can embed comments in zip files with the archival members
  • I used the python's zipfile module to extract all these comments associated with these text files and appended them to an empty list, and then joined the list to an empty string
  • Obtain the string hockey written once joined, try hockey.html
  • It says it's in the air
  • Got the flag oxygen.html

Level 7

WORK IN PROGRESS

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment