Interact with the RingZer0 challenge site.
#!/usr/bin/env python3
import bs4, getpass, urllib3
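# Base URL of the challenge site and the two endpoints this script talks to.
url = "https://ringzer0ctf.com"
url1 = f"{url}/login"
url2 = f"{url}/challenges"

# Set up the connection pool. Certificate verification is requested
# explicitly because the username and password are posted through this pool;
# whether a bare PoolManager() verifies the server depends on the installed
# urllib3 release, so the default is not relied on. If verification fails on
# an old install, pass ca_certs=<path to a CA bundle> instead of turning
# verification off.
http = urllib3.PoolManager(cert_reqs="CERT_REQUIRED")

# InsecureRequestWarning is intentionally NOT suppressed: it is the only
# signal that a request went out without certificate verification.

# Initial request: the login page supplies the session cookie and CSRF token.
r = http.request("GET", url1)

# Grab the session ID. The whole Set-Cookie value (attributes included) is
# replayed verbatim as the Cookie header on every later request.
cookie = r.headers["Set-Cookie"]

# Grab the CSRF token: 32 characters at a fixed offset after the first
# "var _" in the page source. This slicing stops working if the login
# page's markup changes.
csrf = r.data.decode("ascii").split("var _")[1][12:44]

# User details; getpass keeps the password off the terminal.
user = input("Username: ")
pswd = getpass.getpass()

# Prepare the form data
form = {"username": user, "password": pswd, "csrf": csrf}

# Login
r = http.request("POST", url1, headers={"Cookie": cookie}, fields=form)
if "Login failed" in r.data.decode("ascii"):
    # SystemExit with a message prints it to stderr and exits non-zero,
    # without depending on the site-provided exit() helper.
    raise SystemExit("Incorrect username or password!")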
# Function to receive challenge info
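def get_chall(n):
    """Fetch challenge page *n* and return the text of its challenge wrapper.

    Uses the module-level ``http`` pool and ``cookie`` from the login step.

    Args:
        n: Challenge number, interpolated into the URL path as-is.

    Returns:
        The text of the first ``<div class="challenge-wrapper">`` on the page.

    Raises:
        IndexError: If the response contains no such div.
    """
    print(f"Getting challenge: {n}")
    r = http.request("GET", f"{url2}/{n}", headers={"Cookie": cookie})
    recv = r.data.decode("ascii")
    html = bs4.BeautifulSoup(recv, "html.parser")
    wrapper = html.find("div", {"class": "challenge-wrapper"})
    if wrapper is None:
        # Same exception type as indexing an empty result list, but with
        # enough context to tell a bad session from a bad challenge number.
        raise IndexError(
            f"no challenge-wrapper div in the response for challenge {n} "
            f"(HTTP {r.status})"
        )
    return wrapper.text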
# Function to submit answer and logout
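def answer_chall(n, a):
    """Submit answer *a* for challenge *n*, then log out and return the flag.

    Uses the module-level ``http`` pool and ``cookie`` from the login step.
    The logout request is only sent when a flag was found; a rejected answer
    returns early and leaves the session open.

    Args:
        n: Challenge number.
        a: Answer, placed in the URL path after the challenge number.

    Returns:
        The flag text (starting with ``FLAG-``), or the string
        ``"Incorrect answer or too slow!"`` when the page contains "Wrong".

    Raises:
        IndexError: If the answer was not rejected but no div starting with
            ``FLAG-`` is present in the response.
    """
    # NOTE(review): `a` goes into the path unescaped; an answer containing
    # '/', '?' or '#' would change the request target. Confirm how the site
    # expects such answers to be encoded before relying on this for them.
    r = http.request("GET", f"{url2}/{n}/{a}", headers={"Cookie": cookie})
    recv = r.data.decode("ascii")
    if "Wrong" in recv:
        return "Incorrect answer or too slow!"
    html = bs4.BeautifulSoup(recv, "html.parser")
    flag = next(
        (div.text for div in html.find_all("div") if div.text.startswith("FLAG-")),
        None,
    )
    if flag is None:
        # Same exception type as indexing an empty result list, with context.
        raise IndexError(
            f"no FLAG- div in the response for challenge {n} (HTTP {r.status})"
        )
    # NOTE(review): this resolves to <site>/login/logout; confirm that is the
    # site's logout route. The logout response is not checked.
    http.request("GET", f"{url1}/logout", headers={"Cookie": cookie})
    return flag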
##### Solve challenge below! #####
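import hashlib

# Challenge 13: hash the message shown on the page with SHA-512 and submit
# the hex digest.
data = get_chall(13)
print(data)

# The message is taken as the third "-----"-delimited field of the page text
# (presumably the part between the begin/end marker lines; verify against the
# printed page). Surrounding whitespace is stripped before hashing.
msg = data.split("-----")[2].encode("ascii").strip()

# Named `digest` rather than `hash` so the builtin hash() is not shadowed.
digest = hashlib.sha512(msg).hexdigest()
print("Result: " + answer_chall(13, digest))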