ForbiddenBITS CTF 2013 – Invisible 150 Write up

ForbiddenBITS CTF 2013 – Invisible 150

We were provided with an HTML page having this content:

   			 			
   
	
	   	 
				  	
	  	   	 	

 
 	    		

   	   	 	
   			  		
   
	
	   	 
				  	
	  	   			

 
 	    		

   	   			
   		 		  
   
	
	   	 
				  	
	  	  	   

 
 	    		

   	  	   
   		    	
   
	
	   	 
				  	
	  	  	  	

 
 	    		

   	  	  	
   		 			 
   
	
	   	 
				  	
	  	  	 	 

 
 	    		

   	  	 	 
   		  			
   
	
	   	 
				  	
	  	  	 		

 
 	    		

   	  	 		
   	 	 	  
 
 	
     		 	   
 
 	
     		  	 	
 
 	
     	     
 
 	
     		 	 		
 
 	
     		  	 	
 
 	
     				  	
 
 	
     	     
 
 	
     		 	  	
 
 	
     			  		
 
 	
     	     
 
 	
     	 	 			
 
 	
     		  	 	
 
 	
     	 					
 
 	
     		    	
 
 	
     			  	 
 
 	
     		  	 	
 
 	
     	 					
 
 	
     	  			 
 
 	
     		    	
 
 	
     			  		
 
 	
     			 	 	
 
 	
     			  		
 
 	
     	  	
 
 	
  






   	    		
   			 			
	
     			  	 
	
     		 				
	
     		 			 
	
     		  			
	
  



Ok, WordPress screwed it. It’s just a bunch of whitespaces and tabs. It’s a program written in the Whitespace esotheric language.

I tried to run the code using http://ideone.com/, a site that allows you to run your code in more than 40 programming languages.
This was the output of IdeOne after executing the Whitespace program:


result: Runtime error        time: 0.02s    memory: 5352 kB     signal: -1
 input: no
 output: no
 stderr:

Fail: <stdin>: hGetChar: end of file

So it looks like the Whitesace program needs some input through the stdin in order to properly work. So I decided to run the program again using IdeOne, but this time specifying some text as input. This was the result:

result: Success        time: 0.02s    memory: 5308 kB     return value: 0
input:

some_string

output:

wrong
Done.
Stack size 0
Heap size 1

Ok, so this time the output was the string “wrong”.
After that, I decided to take a look at the Whitespace VM specification. I’ve also found an implementation of Whitespace in Python, named esotope-ws, which includes an assembler, a disassembler, and an interpreter.

Let’s disassemble the program:

$ python esotope-ws -d program.ws disasm.txt
$ cat disasm.txt
-------------------
push 119                //'w'
push 0
getchar
push 0
retrieve
sub
jz E
jmp C
E:
push 115                //'s'
push 0
getchar
push 0
retrieve
sub
jz G
jmp C
G:
push 108                //'l'
push 0
getchar
push 0
retrieve
sub
jz H
jmp C
H:
push 97                //'a'
push 0
getchar
push 0
retrieve
sub
jz I
jmp C
I:
push 110                //'n'
push 0
getchar
push 0
retrieve
sub
jz J
jmp C
J:
push 103                //'g'
push 0
getchar
push 0
retrieve
sub
jz K
jmp C
K:
push 84                //'T'
dup
putchar
push 104                //'h'
dup
putchar
push 101                //'e'
dup
putchar
push 32                //' '
dup
putchar
push 107                //'k'
dup
putchar
push 101                //'e'
dup
putchar
push 121                //'y'
dup
putchar
push 32                //' '
dup
putchar
push 105                //'i'
dup
putchar
push 115                //'s'
dup
putchar
push 32                //' '
dup
putchar
push 87                //'W'
dup
putchar
push 101                //'e'
dup
putchar
push 95                //'_'
dup
putchar
push 97                //'a'
dup
putchar
push 114                //'r'
dup
putchar
push 101                //'e'
dup
putchar
push 95                //'_'
dup
putchar
push 78                //'N'
dup
putchar
push 97                //'a'
dup
putchar
push 115                //'s'
dup
putchar
push 117                //'u'
dup
putchar
push 115                //'s'
dup
putchar
push 9
dup
putchar
halt
halt
C:
push 119                //'w'
putchar
push 114                //'r'
putchar
push 111                //'o'
putchar
push 110                //'n'
putchar
push 103                //'g'
putchar
halt

As you can see, the program reads 6 chars from stdin and compares it against the string “wslang”. If the strings match, it prints out the message “The key is We_are_Nasus”.

So the flag for this challenge was: We_are_Nasus.

Advertisements

One thought on “ForbiddenBITS CTF 2013 – Invisible 150 Write up

  1. Pingback: ForbiddenBITS CTF 2013 | stephnix

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s