PicoCTF Challenge : It is my birthday Walkthrough
Challenge URL : https://play.picoctf.org/practice/challenge/109
Category : Web Exploitation
Level : Easy
Points : 100
Description : I sent out 2 invitations to all of my friends for my birthday! I’ll know if they get stolen because the two invites look similar, and they even have the same md5 hash, but they are slightly different! You wouldn’t believe how long it took me to find a collision. Anyway, see if you’re invited by submitting 2 PDFs to my website. http://mercury.picoctf.net:55343/
Hint 1 : Look at the category of this problem.
Hint 2 : How may a PHP site check the rules in the description?
Hello fledgling hackers, today we are going to solve PicoCTF challenge 109. So let's get started.
Step 1: Read the Description
Go to the challenge page and carefully read the description. Click on the link provided in the description to proceed.
Step 2: Initial File Upload
On the webpage that opens, you will see two upload sections. Try uploading an arbitrary (non-PDF) file in each section and click the upload button. An error message will appear stating, "NOT a PDF".
Step 3: Upload a PDF File
Next, upload a PDF file in the upload section and click the upload button again.
Step 4: Error Message
After uploading the PDF, you will see an error message: “MD5 hashes do not match!”.
Step 5: Finding Files with the Same MD5 Hash
You need to find two different PDF files that have the same MD5 hash. Such a pair of files is known as an MD5 collision.
Step 6: Understanding MD5 Collision
An MD5 collision occurs when two different files share the same MD5 hash. Because the site only compares the hashes of the two uploads (and rejects identical files), a colliding pair passes its check.
Step 7: Downloading MD5 Collision Files
Searching online for a website that provides PDF files with the same MD5 hash, I found one. Download the two files, which in our case are `hello.pdf` and `erase.pdf`.
Website Link : https://mathstat.dal.ca/~selinger/md5collision/
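Before uploading, it is worth confirming locally that the downloaded pair really has the properties the site checks for. The script below is an added example, not part of the original write-up or of the challenge itself: it models the rules implied by the description and error messages (both files look like PDFs, the two files are not identical, and their MD5 digests match) and also compares SHA-256, to show that the collision does not carry over to a modern hash. The `%PDF` header check is an assumption about how a naive server might test the file type; the challenge's real PHP check is not shown on the page. File names on the command line are whatever you downloaded; the sample bytes inside the block are constructed stand-ins and do not collide.

```python
"""Sanity-check a candidate MD5-collision pair before uploading it (added example)."""
import hashlib
import sys

PDF_MAGIC = b"%PDF"  # every PDF begins with this header (assumed naive type check)

# Constructed stand-ins so the module runs offline; these two do NOT collide.
SAMPLE_A = b"%PDF-1.4\n% hello\n"
SAMPLE_B = b"%PDF-1.4\n% erase\n"


def looks_like_pdf(data: bytes) -> bool:
    """Mimic a naive server-side 'is this a PDF?' check on the file header."""
    return data.startswith(PDF_MAGIC)


def compare_pair(a: bytes, b: bytes) -> dict:
    """Return the properties the site appears to check, plus a SHA-256 comparison."""
    return {
        "both_pdf": looks_like_pdf(a) and looks_like_pdf(b),
        "identical": a == b,
        "md5_equal": hashlib.md5(a).hexdigest() == hashlib.md5(b).hexdigest(),
        "sha256_equal": hashlib.sha256(a).hexdigest() == hashlib.sha256(b).hexdigest(),
    }


def passes_site_check(a: bytes, b: bytes) -> bool:
    """The condition the challenge accepts: two distinct PDFs with equal MD5."""
    r = compare_pair(a, b)
    return r["both_pdf"] and r["md5_equal"] and not r["identical"]


def passes_hardened_check(a: bytes, b: bytes) -> bool:
    """Same rule with SHA-256 instead of MD5; a published MD5 collision pair fails this."""
    r = compare_pair(a, b)
    return r["both_pdf"] and r["sha256_equal"] and not r["identical"]


def demo() -> dict:
    """Run the comparison on the constructed samples (no collision expected)."""
    return compare_pair(SAMPLE_A, SAMPLE_B)


def main(argv):
    if len(argv) != 3:
        print(f"usage: {argv[0]} first.pdf second.pdf")
        return 2
    with open(argv[1], "rb") as f, open(argv[2], "rb") as g:
        a, b = f.read(), g.read()
    for key, value in compare_pair(a, b).items():
        print(f"{key:13} {value}")
    print("site check (MD5):   ", "PASS" if passes_site_check(a, b) else "FAIL")
    print("hardened (SHA-256): ", "PASS" if passes_hardened_check(a, b) else "FAIL")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python check_pair.py hello.pdf erase.pdf`; a genuine collision pair reports `md5_equal True`, `sha256_equal False` and `identical False`. The `passes_hardened_check` function is the defender's side of the same story: swapping the comparison to SHA-256 is enough to make this class of bypass fail.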
Step 8: Uploading Collision Files
Upload the downloaded collision files to the webpage and click the upload button.
The flag will be revealed :
picoCTF{cOngr4ts_u_r_1nv1t3d_aad886b9}
Step 9: Submitting the Flag
Return to the challenge page on PicoCTF and submit the flag. Congratulations, you have successfully completed the challenge!
Thanks for reading and Happy Hacking.