Full writeup:[https://github.com/happysox/CTF_Writeups/tree/master/XMAS_CTF_2018/trustworthy](https://github.com/happysox/CTF_Writeups/tree/master/XMAS_CTF_2018/trustworthy)

### Summary

* Analyze TCP protocol used to play tic-tac-toe against a server
* Cheat
* `X-MAS{cl13n7_v4l1d4710n_5uck5____}`

```python
#!/usr/bin/python2
from pwn import *
from binascii import hexlify, unhexlify

state = "202020202020202020"
tick = 0

def send_move(index, state, tick):
state=state[:index*2] + "58" + state[(index+1)*2:]
end = "a7" if tick==0 else "b0"
tick = (tick + 1) % 2
to_send = "ff"+state+end
p.sendline(unhexlify(to_send))
return state, tick

def parse_response():
state = hexlify(p.recv())
return state

def cheat(state, tick):
state = "585858204f4f202020"
print "sending custom state: %s" % bytes(state)
end = "a7" if tick==0 else "b0"
tick = (tick + 1) % 2
to_send = "ff"+state+end
p.sendline(unhexlify(to_send))
return state, tick

with context.verbose:
p = remote('199.247.6.180', 11000)
state, tick = send_move(0, state, tick)
state = parse_response()
state, tick = send_move(1, state, tick)
state = parse_response()
#Cheating time:
state, tick = cheat(state, tick)
p.recvall()
```

Original writeup (https://github.com/happysox/CTF_Writeups/tree/master/XMAS_CTF_2018/trustworthy).