### # EkoParty CTF 2017: OnTheWire (300) - Misc

Introduction

We have sniffed some bytes of a transmission. What does it say?
51 91 51 31 51 71 112 31 51 123 91 71 95 127 121 51 112 95 121 121 91 71 112 126 112 112 95 79 121 121 95 51 91 71 112 123 121 126 112 91 112 109 91 71 95 51 121 48 112 121 112 126 95 78 121 51 112 123 112 61

Hint
You will see the flag in a lcd display

Solution

```# `cat onthewire.py`

bytes = [51, 91, 51, 31, 51, 71, 112, 31, 51, 123, 91, 71, 95, 127, 121, 51, 112, 95, 121, 121, 91, 71, 112, 126, 112, 112, 95, 79, 121, 121, 95, 51, 91, 71, 112, 123, 121, 126, 112, 91, 112, 109, 91, 71, 95, 51, 121, 48, 112, 121, 112, 126, 95, 78, 121, 51, 112, 123, 112, 61]

r = ''
table = {}

for b in bytes:
if hex(b) not in table:
letter = raw_input(hex(b) + '? ')
table[hex(b)] = letter
else:
letter = table[hex(b)]
r += letter

print r.decode('hex')

# `python onthewire.py`
0x33? 4
0x5b? 5
0x1f? b
0x47? f
0x70? 7
0x7b? 9
0x5f? 6
0x7f? 8
0x79? 3
0x7e? 0
0x4f? e
0x6d? 2
0x30? 1
0x4e? c
0x3d? d
EKO{I_h4v3_pwn3d_y0ur_d1spl4y}```

Reference

https://en.wikichip.org/wiki/seven-segment_display/representing_letters

### # GynvaelEN mission 015

```# `cat mission_15.py`
import hashlib
import itertools
import png
import numpy as np

(width, height, iterator, info) = r.read()

b = [0] * width

for i in iterator:
row = i.tolist()
for i in xrange(0, len(row), 3):
value = row[i:i + 3]
if value == [255, 0, 0]:
b[i / 3] += 1

print ''.join([chr(c) for c in b])

hashes = [
'e6d9fe6df8fd2a07ca6636729d4a615a',
'273e97dc41693b152c71715d099a1049',
'bd014fafb6f235929c73a6e9d5f1e458',
'ab892a96d92d434432d23429483c0a39',
'b56a807858d5948a4e4604c117a62c2d'
]

alphabet = ' !ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'

password = [' '] * 5
counter = 0

for result in itertools.product(alphabet, repeat = 5):
word = ''.join(list(result))
m = hashlib.md5()
m.update(word)
hd = m.hexdigest()
if hd in hashes:
pos = hashes.index(hd)
print pos, word
counter += 1
if counter == 5: break

# `python mission_15.py`
<?php

}

if (strlen(\$p) !== 25) {
}

if (md5(\$p) !== 'e66c97b8837d0328f3e5522ebb058f85') {
}

// Split the password in five and check the pieces.
// We need to be sure!
\$values = array(
0 => 'e6d9fe6df8fd2a07ca6636729d4a615a',
5 => '273e97dc41693b152c71715d099a1049',
10 => 'bd014fafb6f235929c73a6e9d5f1e458',
15 => 'ab892a96d92d434432d23429483c0a39',
20 => 'b56a807858d5948a4e4604c117a62c2d'
);

for (\$i = 0; \$i < 25; \$i += 5) {
if (md5(substr(\$p, \$i, 5)) !== \$values[\$i]) {
}
}

die("GW!");

2  are
0 Pie c
3 delic
1 harts
4 ious!
Pie charts are delicious!```

Source