Unstoppable force meets immovable object

Author: Nolawz
Category: Web
Points: 50
Solves: 180
Files: Unstoppable_force_meets_immovable_object.zip
Flag: blitz{60nn4_b3_4_b16_c0ll1510n_wh3n_un570pp4bl3_f0rc3_m3375_1mm0v4bl3_0bj3c7}

What is gonna happen when an unstoppable force meets some immovable objects?

https://ufmio-n1sj9nsb.blitzhack.xyz/

This is one of the easiest challenge in this CTF. The objective of this challenge was for you to find the collision for a custom hash function which was implemented as follows:

1
def immovable_object(data, block_size=32):
2
    if len(data) % block_size != 0:
3
        data += b"\0" * (block_size - (len(data) % block_size))
4

5
    h = 0
6
    for i in range(0, len(data), block_size):
7
        block = int.from_bytes(data[i : i + block_size], "big")
8
        h ^= block
9

10
    return h

We can see that it pads the data with null byte to make it divisible by block size (32). And then it iterates over the data and xor’s the block with the previous hash. So it is very easy to find a collision for any string using this function.

For simplicity’s sake, I am gonna consider the hash function as h(x).

Say we want to find a block A' (ie, a string of size 32) such that h(A') = h(A) (here, A is also a block) but A' != A. To find this, we can use a clever property of xor to easily construct the collision. When we xor a number with itsef, we will get 0 as the result. Therefore, x ^ x ^ x = x for any number. Just like that, A ^ A ^ A = A. Thus, we have found the A' to be A' = A + A + A. Thus when the hash function is used, h(A') = h(A).

The only other thing to note here is that you have to pad P@ssword@123 to make it 32 bytes long.

Here is the solution script:

1
import requests
2

3
password = "P@ssword@123"
4
password += "\x00" * (32 - len(password))
5
password *= 3
6

7
r = requests.post(
8
    "https://ufmio-n1sj9nsb.blitzhack.xyz/",
9
    data={"username": "admin", "password": password},
10
)
11
print(r.text)