PicoCTF Challenge : It is my birthday Walkthrough

Rishikesh_khot
Jun 10, 2024

Challenge URL : https://play.picoctf.org/practice/challenge/109

Category : Web Exploitation

Level : Easy

Points : 100

Description : I sent out 2 invitations to all of my friends for my birthday! I’ll know if they get stolen because the two invites look similar, and they even have the same md5 hash, but they are slightly different! You wouldn’t believe how long it took me to find a collision. Anyway, see if you’re invited by submitting 2 PDFs to my website. http://mercury.picoctf.net:55343/

Hint 1 : Look at the category of this problem.

Hint 2 : How may a PHP site check the rules in the description?

Hello fledgling hackers, today we are going to solve the PicoCTF challenge 109. So let’s get started.

Step 1: Read the Description

Go to the challenge page and carefully read the description. Click on the link provided in the description to proceed.

Step 2: Initial File Upload

On the webpage that opens, you will see an upload section. Try uploading two files, one in each section, and click the upload button. An error message will appear stating, “NOT a PDF”.

Step 3: Upload a PDF File

Next, upload a PDF file in the upload section and click the upload button again.

Step 4: Error Message

After uploading the PDF, you will see an error message: “MD5 hashes do not match!”.

Step 5: Finding Files with the Same MD5 Hash

You need to find two different PDF files that have the same MD5 hash. Such a pair is known as an MD5 collision.

Step 6: Understanding MD5 Collision

An MD5 collision occurs when two different files share the same MD5 hash. A colliding pair can be used to bypass hash checks.

Step 7: Downloading MD5 Collision Files

Searching online for websites that provide PDF files with the same MD5 hash, I found one. Let’s now download the files, which in our case are `hello.pdf` and `erase.pdf`.

Website Link : https://mathstat.dal.ca/~selinger/md5collision/

Step 8: Uploading Collision Files

Upload the downloaded collision files to the webpage and click the upload button.

The flag will be revealed:

picoCTF{cOngr4ts_u_r_1nv1t3d_aad886b9}

Step 9: Submitting the Flag

Return to the challenge page on PicoCTF and submit the flag. Congratulations, you have successfully completed the challenge!
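As an added example (not part of the original walkthrough and not the challenge's source code), here is one way a PHP site might implement the rule from the description that Hint 2 points at, next to a SHA-256 comparison and a check that flags collision pairs. The function names are hypothetical, and the PDF type check is left out.

```php
<?php
// Added example: hypothetical helpers, not the challenge's own code.

// Weak rule, as the description states it: the files differ but share an MD5.
// Published MD5 collision pairs satisfy it, so it proves nothing about origin.
function weak_invite_check(string $a, string $b): bool
{
    return $a !== $b && hash_equals(md5($a), md5($b));
}

// Hardened comparison: SHA-256 has no known practical collisions, so two
// different byte strings are not expected to pass.
function strong_same_content(string $a, string $b): bool
{
    return hash_equals(hash('sha256', $a), hash('sha256', $b));
}

// Detection: label a pair so collision attempts can be logged or rejected.
function classify_pair(string $a, string $b): string
{
    if ($a === $b) {
        return 'identical';
    }
    if (hash_equals(md5($a), md5($b)) && !strong_same_content($a, $b)) {
        return 'md5-collision'; // same MD5, different SHA-256: crafted pair
    }
    return 'different';
}

// Usage: php check.php first.pdf second.pdf
if (PHP_SAPI === 'cli') {
    $paths = array_slice($argv, 1, 2);
    if (count($paths) === 2) {
        [$a, $b] = array_map('file_get_contents', $paths);
        if ($a === false || $b === false) {
            fwrite(STDERR, "cannot read input files\n");
            exit(1);
        }
    } else {
        // Constructed sample input: two unrelated byte strings.
        [$a, $b] = ["%PDF-1.4 invite A\n", "%PDF-1.4 invite B\n"];
    }
    printf("md5    %s  %s\n", md5($a), md5($b));
    printf("sha256 %s  %s\n", hash('sha256', $a), hash('sha256', $b));
    printf("weak check accepts: %s\n", weak_invite_check($a, $b) ? 'yes' : 'no');
    printf("classification: %s\n", classify_pair($a, $b));
}
```

Run against the two downloaded collision files, the MD5 line shows matching digests while the SHA-256 line shows different ones, and the pair is classified as `md5-collision`.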

Thanks for reading and Happy Hacking.
