Difficulty: easy

Category: crypto

Author: xnull

Description:

### Secure Token System

This authentication system generates a random token for access. The token is different each time you load the page.

Can you predict what token the system will generate?

Scenario

We need to supply a 6-digit code and get the timestamp used for a seed.

Solution

If we’re fast enough, we can just reuse the previous timestamp:

import random
import requests
import re
from pwn import *
import sys

URL=sys.argv[1]
with requests.Session() as sess:
    u = sess.get(URL)
    ts = int(re.search("Token generated at timestamp: <strong>(.*)</strong>", u.text).group(1))
    success(f"Seed: {ts}")
    random.seed(ts)
    token = random.randint(100000, 999999)
    success(f"Token: {token}")
    q = sess.post(f"{URL}/verify", data={"token": token})
    flag = re.search('<p class="flag">(.*)</p>', q.text).group(1)
    success(f"Got flag: {flag}")
# [+] Seed: 1769981604
# [+] Token: 770535
# [+] Got flag: ENDLM{dd620feb3c110a9d5361e1be6f59b0b5661cf4e100872ed6}

Flag: ENDLM{dd620feb3c110a9d5361e1be6f59b0b5661cf4e100872ed6}

Scenario#

Solution#

Scenario

Solution