Welcome to my series of writeups for n00bzunit3d 2024 capture-the-flag competition. In this post, we look at the programming/sillygoose challenge. First, let’s look at the challenge. The challenge runs on a server and requires to connect remotely to access the challenge. The server code is provided and is given below.



1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

 
from random import randint
import time
ans = randint(0, pow(10, 100))
start_time = int(time.time())
turns = 0
while True:
    turns += 1

    inp = input()

    if int(time.time()) > start_time + 60:
       print("you ran out of time you silly goose") 
       break

    if "q" in inp:
        print("you are no fun you silly goose")
        break

    if not inp.isdigit():
        print("give me a number you silly goose")
        continue

    inp = int(inp)
    if inp > ans:
        print("your answer is too large you silly goose")
    elif inp < ans:
        print("your answer is too small you silly goose")
    else:
        print("congratulations you silly goose")
        f = open("/flag.txt", "r")
        print(f.read())

    if turns > 500:
        print("you have a skill issue you silly goose")

The challenge chooses a number randomly between 0 and 10^100. Our task is to guess that number within 500 tries. For every guess, the challenge tells us if our guess was too big, too small or correct. This challenge can be essentially be boiled down to a binary search where we try to find the correct number in an array contain 0 - 10^100. Doing so gives us the correct guess in <=500 tries and the challenge gives us the flag.

.
.
.
your answer is too small you silly goose

congratulations you silly goose
n00bz{REDACTED}


Correct guess: 9265085847743364256439545120524325888018315000388679627853879417829339611151938624173184616910518237