Tags: web token

Rating: 4.5

![](https://i.imgur.com/Y8onBQf.png)

**We are presented with the file listing. One of the files is a flag.**

**It is also the only file we can't download as it is missing the token.**

**Tokens resemble some hashes so I upload them to the Crackstation for the verification. We get the confirmation for MD5 slong with the cracked values.**

**It turns out that the numbers corespond to the file sizes of the files. I proceed to writing a solver.**

## Solver


#!/usr/bin/python3
import requests
import hashlib

def main():
for i in range(1000):
if 'AFFCTF' in r.content.decode('utf-8'):
print(r.content)

if __name__ == '__main__':
main()



## Output


AFFCTF{Pr3dic71bl3_t0k3n5_4r3_b4d}