Do you have enough money to buy the flag?
The web application lists two products to buy, which you can purchase with a valid card generated here.
The valid card is accepted, but buying the flag returns a limit exceeded error message:
Analyzing callback data
When the order is accepted or declined, you get a callback data parameter from the server.
http://184.108.40.206:5000/payment/callback?data=5765679f0870f4309b1a3c83588024d7c146a4104cf9d2c8de817b1d05ac501928df361f896eb3c3706cda0474915040
Hello, customer! Payment status: good Filename: cheap.txt Content: MAKE C3 HACK AGAIN!
http://220.127.116.11:5000/payment/callback?data=232c66210158dfb23a2eda5cc945a0a9650c1ed0fa0a08f6d80475334bb8e8a1aef38fd25e8ce9872f7ef761e2bbe791
Hello, customer! Payment status: failed Credit card limit exceeded!
After running a data sequencer (unique) on the flag callback data, we noticed that there was not much entropy.
Comparing it side by side with the flag callback, it was noticeable that the data was in fact divided into 3 blocks.
So after a lot of trial and error, moving the blocks into different positions, we got the combination that made the purchase of the flag go through.
The buy formula
buyflag_callback = (cheap_block + cheap_block + flag_block + flag_block)
buyflag_callback = 5765679f0870f4309b1a3c83588024d7c146a4104cf9d2c86a5c7ef475a00033472741d1bbc3c34f2f7ef761e2bbe791
http://18.104.22.168:5000/payment/callback?data=5765679f0870f4309b1a3c83588024d7c146a4104cf9d2c86a5c7ef475a00033472741d1bbc3c34f2f7ef761e2bbe791
Payment status: good Filename: flag.txt Content: Flag: 33C3_CENSORED
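Added example, not part of the original writeup: it runs the side-by-side block comparison described above over the three callback tokens quoted on this page, and shows the server-side fix, a keyed tag over the token (encrypt-then-MAC) so that a token assembled from blocks of other callbacks is rejected before anything is decrypted. The block size default of 8 bytes, the key and the tag scheme are assumptions; only the tokens are the page's own.

```python
import hashlib
import hmac

# The three callback tokens quoted in the writeup (hex, 48 bytes each).
CHEAP_OK = "5765679f0870f4309b1a3c83588024d7c146a4104cf9d2c8de817b1d05ac501928df361f896eb3c3706cda0474915040"
FLAG_FAILED = "232c66210158dfb23a2eda5cc945a0a9650c1ed0fa0a08f6d80475334bb8e8a1aef38fd25e8ce9872f7ef761e2bbe791"
SPLICED = "5765679f0870f4309b1a3c83588024d7c146a4104cf9d2c86a5c7ef475a00033472741d1bbc3c34f2f7ef761e2bbe791"


def blocks(token_hex: str, block_size: int = 8) -> list:
    """Cut a token into cipher blocks of block_size bytes (8 is an assumption)."""
    raw = bytes.fromhex(token_hex)
    return [raw[i:i + block_size] for i in range(0, len(raw), block_size)]


def shared_block_positions(a_hex: str, b_hex: str, block_size: int = 8) -> list:
    """Offsets at which both tokens carry an identical cipher block.

    With a block cipher in ECB mode, equal plaintext blocks give equal
    ciphertext blocks wherever they sit, so repeats across tokens are the
    tell that the token is malleable: blocks can be cut and pasted.
    """
    pairs = zip(blocks(a_hex, block_size), blocks(b_hex, block_size))
    return [i for i, (x, y) in enumerate(pairs) if x == y]


# Mitigation: encrypt-then-MAC. Alongside every token the server issues
# tag = HMAC-SHA256(key, token) and refuses tokens whose tag does not verify,
# so a rearranged token never reaches the decrypt-and-act code path.
def issue_tag(key: bytes, token_hex: str) -> str:
    return hmac.new(key, bytes.fromhex(token_hex), hashlib.sha256).hexdigest()


def accept_callback(key: bytes, token_hex: str, tag_hex: str) -> bool:
    """Constant-time tag check; False means reject the callback outright."""
    return hmac.compare_digest(issue_tag(key, token_hex), tag_hex)


if __name__ == "__main__":
    print("cheap  vs spliced, 8-byte blocks:", shared_block_positions(CHEAP_OK, SPLICED))
    print("failed vs spliced, 8-byte blocks:", shared_block_positions(FLAG_FAILED, SPLICED))
    key = b"constructed-demo-key"  # placeholder; a real server keeps this secret
    for name, tok in [("cheap", CHEAP_OK), ("failed", FLAG_FAILED)]:
        print(name, "verifies:", accept_callback(key, tok, issue_tag(key, tok)))
    # The spliced token has no tag of its own; reusing a legitimate tag fails.
    print("spliced with cheap's tag:", accept_callback(key, SPLICED, issue_tag(key, CHEAP_OK)))
```

With 8-byte blocks the spliced token shares its first three blocks with the cheap callback and its last block with the failed flag callback; with 16-byte blocks only the first block lines up.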