### (Junior - 1pts)
> Provide a valid passport file inorder to pass.
> Target: [http://passport.dctfq18.def.camp/](Upload%20your%20Passport.html)
When you visit the site you see a hyperlink for a demo file
And, an upload form for a file
When you pass demo itself it says:
This is demo Passport! You have to find its evil twin.
When you send any arbitary file:
Your Passport is invalid. Our MD5SUM detected a false document.
Now, it is clear that they check first whether the MD5SUM is equal to demo file
On searching the internet came across a [link](https://crypto.stackexchange.com/a/15889)
On verification it is evident that following strings have same md5 hashes
Thus, one of them has to be demo; which it even is
After uploading the other one as a file we receive the flag