# Collide

The server expects two values (`one` and `two`) passed in as a JSON array.

It appends a secret to the start of both of these and runs them through a custom hashing function.

If the result is equal, we get the flag. However, our input is compared with the `===` operator, and if they match our input is rejected.

As this is a web challenge, not a crypto one, I realized the target was not the hashing function.

After some playing around, I found that `['a'] === ['a']` returns false, likely because the arrays are two different objects in memory.

We send to the server:

```javascript
{
    "one":["a"],
    "two":["a"]
}
```

and the flag is returned.

## ractf{Y0u\_R\_ab0uT\_2\_h4Ck\_t1Me\_\_4re\_u\_sur3?}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://the-winrars.gitbook.io/writeups/2020-writeups/ractf/web/collide.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.