[DevCTF 2022] Scientific Hashes

Harsh Agrawal
Published in DevCTF-2022
2 min read · May 18, 2022

Can you guess the password? Well, it’s time to put on the lab coat and unleash that scientific mind of yours!!

https://web.ctf.devclub.in/web/7/

The challenge presents a password to crack. Presumably, the flag lies behind the password.

The hints indicate we need some kind of salt (NaCl). Also, the reference to Phosphorus and the emphasis on “equal” indicate a PHP type juggling vulnerability in an equality comparison. For further reading about PHP type juggling, refer here.

If you inspect the response headers, there is a cookie set:

Set-cookie: Salt=f789bbc328a3d1a3

This probably refers to the salt that is prepended to the raw-text password before hashing. The most common hash used with PHP backends is MD5. Thus our best guess is to find a password whose salted hash is “equal” (in PHP’s loose sense) to the hash the backend expects.

Since this is a scientific portal, many numbers are written in exponential notation such as “0e1234”. This particular notation has its own vulnerabilities. For instance, “0e1234” == “0e4321” holds true in PHP. This is because PHP treats both strings as numeric strings in scientific notation (0 × 10^1234 and 0 × 10^4321) and the loose == operator compares them by numeric value. With a mantissa of 0 the exponent is irrelevant, so PHP effectively compares 0 == 0, which is of course true.

We can use this fact to find a password which, when salted and MD5-hashed, yields a hash that starts with “0e” and is followed only by digits (déjà vu for crypto miners). The following snippet illustrates the point:

import hashlib

salt = "f789bbc328a3d1a3"
i = 0
while True:
    # hex MD5 of salt followed by the candidate password
    h = hashlib.md5((salt + str(i)).encode()).hexdigest()
    # "0e" followed only by digits: PHP reads the string as 0 * 10^n, i.e. 0
    if h.startswith("0e") and h[2:].isdigit():
        print(i)
        break
    i += 1

One such value, i = 237701818, satisfies the constraints and is accepted by the webapp. Enter it as the password and the flag appears in the alert box.
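To make the comparison behaviour concrete, here is an added Python example (not code from the original post or from the challenge) that models PHP’s loose == on numeric strings, shows why a “0e…” digest passes a loosely compared check while a strict, constant-time comparison rejects it, and bounds the brute-force search above so it can be run safely. The backend’s actual code is unknown; the hashing scheme (MD5 over salt + password), the vulnerable_check / hardened_check functions and the constructed digests are assumptions made for illustration.

```python
import hashlib
import hmac
import re
from typing import Optional

# Simplified model of a PHP numeric string: sign, digits, optional fraction,
# optional exponent. (PHP also tolerates surrounding whitespace; omitted here.)
_NUMERIC = re.compile(r"^[+-]?(\d+(\.\d*)?|\.\d+)([eE][+-]?\d+)?$")


def php_loose_equals(a: str, b: str) -> bool:
    """Model of PHP's == between two strings: if both are numeric strings they
    are compared as numbers, otherwise byte-for-byte. "0e1234" is 0 * 10^1234,
    so every "0e<digits>" string compares equal to every other one."""
    if _NUMERIC.match(a) and _NUMERIC.match(b):
        return float(a) == float(b)
    return a == b


def is_magic_hash(hexdigest: str) -> bool:
    """True for a hex digest of the form "0e" + digits only (a 'magic hash')."""
    return hexdigest.startswith("0e") and hexdigest[2:].isdigit()


def salted_md5(salt: str, password: str) -> str:
    # Assumed hashing scheme from the writeup: MD5 over salt || password, hex encoded
    return hashlib.md5((salt + password).encode()).hexdigest()


def find_magic_password(salt: str, limit: int) -> Optional[int]:
    """Bounded version of the writeup's search: first integer i whose salted MD5
    is a magic hash, or None if none is found below `limit`."""
    for i in range(limit):
        if is_magic_hash(salted_md5(salt, str(i))):
            return i
    return None


def vulnerable_check(salt: str, password: str, stored_hash: str) -> bool:
    # Assumed backend behaviour: PHP-style loose == on two hex strings.
    # If stored_hash is itself "0e<digits>", any magic-hash password is accepted.
    return php_loose_equals(salted_md5(salt, password), stored_hash)


def hardened_check(salt: str, password: str, stored_hash: str) -> bool:
    # Type-strict, constant-time comparison (PHP equivalent: hash_equals()).
    # Different strings never compare equal, however PHP would parse them.
    return hmac.compare_digest(salted_md5(salt, password), stored_hash)


if __name__ == "__main__":
    # Constructed digests illustrating the loose-vs-strict difference
    attacker_digest = "0e" + "1" * 30
    stored = "0e" + "2" * 30
    print("loose == :", php_loose_equals(attacker_digest, stored))    # True
    print("strict   :", hmac.compare_digest(attacker_digest, stored))  # False
```

The defender’s takeaway is the last two functions: a PHP backend should compare digests with hash_equals() (or at least ===), and better still store passwords with password_hash()/password_verify() rather than a salted MD5, which removes both the loose-comparison bug and the weak hash at once.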

FLAG{php_r0cks_0nc3_again}
