intrd has spoken
Do you think you can win this Jio-Geo challenge ?
52.90.9.177:33333
Solution
Well, wtf is Jio-geo? i don't know.. search engine doesn't help.. and why only a few teams solved this challenge?
After a few tries I figured out that I need to send a message containing my unique signature(md5 hashed), then the server register 1 hit from my IP/Country.
What I need to do is hit the server w/ my unique signature from 40 different countries!
Doing a test with some proxies i was able to confirm this.
So, where will I find 40 working connections(socks) from different countries without spending money?
There are 196 countries in the world today.
This type of challenge that involves the mastery of external resources does not attract many people, but I like it very much because it is very common in real situations.
Using Tor
My first idea is Tor.
Editing /etc/torrc you can force Tor to choose exit nodes by country:
ExitNodes {ua},{br},{us},{ie}
StrictNodes 1
Country Abbrev
ASCENSION ISLAND {ac}
AFGHANISTAN {af}
ALAND {ax}
ALBANIA {al}
ALGERIA {dz}
ANDORRA {ad}
...
Full countrycode list here
Enable/use ControlPort to change exit node on the fly:
printf "AUTHENTICATE \"yourpassword\"\r\nSIGNAL NEWNYM\r\n" | nc 127.0.0.1 9051
..or w/ a simple service tor restart
I've scripted this into a loop and almost works.. with Tor I was able to solve half the challenge 28/40
Also discovered that it is very difficult to find working exit nodes in more than 25 countries..
https://torstatus.blutmagie.de/ can help you to find countries w/ working exit nodes (move the mouse over the flag icon, that is the country code to use at
torrc)
Finishing the work w/ free Socks proxy list
At this point we need more 12 countries, so I had the idea of using a free/public Socks Proxy list organized by countries and eventually some would work..
Found this one http://www.gatherproxy.com/proxylistbycountry provided by GatherProxy
Manually and slowly I was able to finish the challenge.
FLAG: flag{I_am_a_global_citizen}