Writeups
  • Writeups
  • 2020 Writeups
    • Angstrom
      • Git Good
      • Secret Agents
      • windows of opportunity
      • Califrobnication
      • Patcherman
      • Just Rust
      • No canary
      • WS3
      • Confused Streaming
      • Reasonably Secure Algorithm
      • Defund's Crypt
      • Low-kee
      • Discrete Superlog
      • Wacko Images
      • Shifter
      • Xmas Still Stands
      • Noisy
      • Canary
      • Inputter
      • clam clam clam
      • PSK
      • Taking Off
      • Consolation
      • Wooosh
      • Signal_of_hope
      • One Time Bad
      • Revving up
    • bsidesBOS
      • Binary Exploitation
        • Patches
        • Sea Shells
      • Cryptography
        • Alice and Bob
        • Exodia
        • Fancy Caesar
        • Flag-SP Network
        • Maelstrom
      • Forensics
        • Amnesia
        • Mercury
        • Mobility
        • Patchwork Quilt
        • Spy Cam
      • Misc
        • Tea-mix
        • Swipe
      • Scripting
        • Flushed Revenge
        • Reggae
        • Robot Takeover
      • Steg
        • Dimension 0
        • Saving The World
        • Secret Romance
      • Warmup
        • Give Up
        • Kiddie Pool
        • Play The Harp
        • Where's The Body
        • Baseball
        • Ez Bake Oven
        • Y2K
      • Web
        • Clown Show
        • Yet Another Micro-story Library
    • Crypto CTF
      • Amsterdam
      • One Line Crypto
      • Trailing Bits
      • Gambler
    • Covid19 CTF
      • Sql db 3
      • Web 1 (Something Derpy? Idk)
      • ECB is the best CB
      • Db 2
      • Scouting
    • FWordCTF
      • Pwn
        • Welcome Pwner
        • One Piece Remake
        • Numbers
      • Misc
        • Secret Array
        • Twis Twis Litlle Star
      • Web
        • JAILOO WARMUP
      • Rev
        • Tornado
        • XO
        • Beginner Rev
        • Fibo
      • Crypto
        • Randomness
        • One Part!
        • BDBG
        • Weird RSA
      • OSINT
        • Identity Fraud
      • Bash
        • CapiCapi - bash
      • Forensics
        • NULL
    • Google
      • Reversing
        • Beginner
      • Hardware
        • Basics
      • Crypto
        • Chunk Norris
        • Sharky - Crypto
      • Sandbox
        • Writeonly
    • Hacktivity Con
      • Binary Exploitation
        • Pancakes
        • Statics and Dynamics
        • Space Force
          • Space Force - Binary Exploitation
        • Bullseye
      • Scripting
        • Misdirection
        • Rescue Mission
        • Hashbrown Casserole
        • Flushed
        • Tootsie Pop
      • Crypto
        • OFBuscated
        • Tyrannosaurus Rex
        • Perfect XOR
        • Bon Apettit
        • A E S T H E T I C
      • Steg
        • Cold War
        • substitute face
        • Vencryption
      • Mobile
        • Mobile One
      • Web
        • Lightweight Contact Book
        • Bite
        • Ladybug
      • Forensics
        • Domo Arigato
      • Warm Up
        • Hexgedit
        • Caesar Mirror
        • Internet Cattos
      • Misc
        • Private Investigator
    • Houseplant
      • 11
      • Deep Lyrics
      • Adventure Revisited
      • CH₃COOH
      • Rivest Shamir Adleman
      • Zip-a-dee-doo-dah
      • Pie Generator
      • Ez
      • Groovin and Cubin
      • QR Generator
      • Half
      • Tough
      • Beginner Writeups
      • Spilled Milk
      • Fire-place
      • Survey Writeup: Houseplant 2020
      • Sizzle
      • Post-Homework Death
      • Rainbow vomit
      • Lemon
      • I dont like needles
      • Pz
      • Music Lab
      • Ezoterik
      • Parasite
      • Catography
      • Selfhost all the things!
      • Satan's jigsaw
    • HSCTF
      • Web
        • Broken Tokens
      • Binary Exploitation
        • Pwnagotchi
        • Boredom
      • Reverse Engineering
        • Ice Cream Bytes
        • AP lab: Comp Sci Principles
        • AP Lab: English Language
      • Forensics
        • Meta Mountain
      • Misc
        • My First Calculator
    • NahamConCTF
      • pwn
        • Syrup
        • Conveyor Belt
        • Dangerous
      • Misc
        • Alkatraz
        • Fake File
        • Trapped
        • Awkward
      • Web
        • Official business
        • Localghost
        • Agent-95
        • PHPPhoneBook
        • Time Keeper
      • Osint
        • Tron
      • Crypto
        • Homecooked
        • raspberry
        • docxor
        • Twinning
      • Scripting
        • rotten: caesars
        • Merriam
        • Gnomes
      • poggers
    • Plaid
      • File-system-based strcmp go brrrr
    • RACTF
      • Misc
        • Teleport
        • NS.mov
        • ST.mov
        • Pearl pearl pearl
        • Discord
        • BR.mov
        • Emojasm 2
        • Spentalkux
        • EmojASM
        • Reading Between The Lines
        • Mad CTF Disease
      • OSINT
        • Tree Man
        • Brick by Brick
        • Remote Retreat
        • Suspended Belief
        • Dead Man
        • RAirways
      • Pwn
        • Finches in a Pie
        • Finches in a stack
        • Solved in a flash
        • Puffer Overflow
          • Puffer Overflow
        • Not Really AI
        • A Flash Of Inspiration
          • A Flash of Inspiration
        • Medea
        • Eccentric Encryption Engima
        • Snakes and Ladders
      • Web
        • Entrypoint
        • Admin Attack
        • Collide
        • Baiting
        • Vandalism
        • Quarantine
        • Quarantine - Hidden Information
        • Getting Admin
        • Finding Server Information
        • Insert Witty Name
      • Forensics
        • Access Granted
        • Cut Short
        • Dimensionless Loading
        • Peculiar Packet Capture
        • Disk Forensics Fun
        • A Monster Issue
        • A Musical Mix Up
        • Cheap Facades
      • Crypto
        • B007l3G CRYP70
        • Access=0000
        • B007L36 CRYP70... 4641N
        • Mysterious Masquerading Message.md
        • Really Simple Algorithm
        • Really Speedy Algorithm
        • Really Secret Algorithm
        • 0x Series
        • Really Small Algorithm
    • Redpwn CTF
      • Crypto
        • worst-pw-manager
        • 4k-rsa
        • pseudo-key
        • 12 Shades of Redpwn
        • priminity
        • base646464
        • Alien Transmissions v2
        • itsy bitsy
        • seekrypt
      • Web
        • Panda Facts
        • Static Static Hosting
        • Tux Fanpage
        • Anti textbook
        • Inspector-General
        • Login
        • Static Pastebin
      • Pwn
        • The Library
        • Coffer Overflow
        • Secret Flag
        • Dead Canary
        • Skywriting
      • Rev
        • SmArT-Solver
          • SmArT-Solver
        • Ropes
        • Aall
        • Bubbly
      • Misc
        • CaaSino
        • uglybash
        • Albatross
    • rgbCTF
      • misc
        • ye olde prng
        • Penguins
        • Picking Up The Pieces
        • Differences
        • hallo
        • Adventure
        • insert witty algorithm name here
      • rev|pwn
        • ARM 1
        • LYCH King
        • Time Machine
        • Object Oriented Programming
        • Soda Pop Bop
        • Too Slow
        • sadistic rev 2
        • Advanced Reversing Mechanics 2
        • Sadistic Reversing 1
      • ZTC
        • Ralphie
        • Peepdis
        • Vaporwave1
        • icanhaz
        • vaporwave 3
        • Vaporwave 2
      • web
        • tictactoe
        • type racer
        • keen eye
        • Countdown
        • imitation crab
      • forensics:osint
        • PI 1- Magic in the air
        • Pi 2
        • robins reddit password
        • Space Transmission
        • Insanity Check
      • beginner
        • Joke check
        • A Basic Challenge
        • Pieces
        • Quirky resolution
        • Shoob
        • Name A More Iconic Band
        • fine day
      • crypto
        • Grab your Jisho
        • Shakespeare Play, Lost (and found!)
        • (rgbctf/crypto/e.md)
        • I Love Rainbows
        • Adequate Encryption Standard
        • Occasionally Tested Protocol
        • rubikcbc
        • N-AES
    • Sharky
      • Give away 2
      • Give away 1
      • Give away 0
      • Romance Dawn
      • The hare and the tortoise
    • TJCTF
      • Circus
      • Forensics
        • Cookie Monster
        • Gamer F
        • Ling ling
        • Rap God
        • Hexillology
      • Misc
        • arabfunny
        • TTW
        • Timed
        • Gamer M
        • Zipped up
        • Discord
        • Censorship
        • Jarvis
        • Slicer
      • Reasonably Secure Algorithm
      • Login sequel
      • Seashells
      • Admin secrets
      • Web
        • Sarah Palin Fanpage
        • Circus
        • Login sequel
        • Weak Password
        • Moar Horse 4
        • Gamer W
        • File Viewer
        • Admin secrets
      • Gamer R
      • El primo
      • Crypto
        • home rolled
        • rgbsa
        • difficult decryption
        • Reasonably Secure Algorithm
        • Is this Crypto
        • Titanic
      • Reversing
        • comprehensive2
        • Forwarding
        • Gym
        • ASMR
        • Gamer R
      • Gamer M
      • Sarah Palin Fanpage
      • Zipped up
      • Is this Crypto
      • Pwn
        • OSRS
        • Stop
        • Seashells
        • Cookie Library
        • Tinder
        • El primo
      • Discord
      • Congenial Octo Couscous
      • Titanic
      • Gamer F
      • Censorship
      • Jarvis
      • OSRS
      • Moar Horse 4
      • Weak Password
      • Stop
      • Ling ling
      • Slicer
      • Cookie Library
      • Cookie Monster
      • comprehensive2
      • home rolled
      • Rap God
      • difficult decryption
      • Forwarding
      • rgbsa
      • Gym
      • arabfunny
      • Tinder
      • Timed
      • Gamer W
      • TTW
      • ASMR
      • File Viewer
      • Hexillology
    • Tokyo Westerns CTF
      • sqrt
      • easy-hash
      • Nothing much to see
      • Twin D
    • Zh3r0 CTF
      • Misc
        • Rainbow Hex
        • Find the Covid19 Vaccine
        • Welcome To Phase 2md
        • Welcome To Phase 1
        • Analyse me
        • snakes everywhere
      • Forensics
        • Run Forrest Run
        • PreDestination
        • Snow
          • Snow.md
        • Hidden Music
        • is it a troll???
        • Soundless
        • PreDestination
        • UnRemovable
        • Katycat
        • LSB Fun
        • Good Ol' IE
      • pwn
        • Command1
        • Free flag
        • Help
      • Crypto
        • We are related
        • Dozen Bases
        • Uncipher Me
        • NASA
        • RSA Warmup-Really Small Algorithm
      • Web
        • Web Warmup
        • Google Source Code
      • OSINT
        • NASA
      • Prenote: As all of these challenges were similar, we decided to combine these under one page.
  • 2021 Writeups
    • Union CTF
      • Antistatic
      • Cr0wn Air
      • Human Server
      • Mordell Primes
      • Neo-classical
      • Nutty
      • Why is a raven
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. 2020 Writeups
  2. Houseplant

Pie Generator

Relatively simple: you get a submission box to type in a number. You must predict the random number the site will generate.

The page is pretty bare. There's a form that makes post requests, and it has two fields - one is the number that we submit, the other is the timestamp. As we post, a javascript function is called to change the timestamp to our current time. Wait... they probably use that as the seed!

If we can control the timestamp option on the form, we control the seed. If we control the seed, we control what random number comes next.

Editing the javascript function doesn't seem to work, so we'll fire up burp suite. The timestamp is sent as a post parameter as part of the form. Burp suite allows us to intercept the post request as our browser makes it and edit it.

First of all, let's edit the timestamp to be 1 and see what happens. Funnily enough, the website tells us we were wrong and that the correct answer is 1. We can do this again,this time changing our guess to 1 BOOM! Flag acquired.

rtcp{w0w_sO_p53uD0}

PreviousZip-a-dee-doo-dahNextEz

Last updated 4 years ago

Was this helpful?