Rating:
# Internetwache 2016 : Ruby's count (exp50)
**Category:** exploit |
**Points:** 50 |
**Name:** Ruby's count |
**Solves:** 219 |
**Description:**
> Hi, my name is Ruby. I like converting characters into ascii values and then calculating the sum.
>
> Service: 188.166.133.53:12037
___
## Write-up
### Part Zero
We were given a service which we connect using python sockets.
```
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('188.166.133.53',12037))
data = s.recv(1024)
print data
```
And we get the first part
```
Let me count the ascii values of 10 characters:
```
They are asking for 10 ascii characters that has a sum of larger than 1020, but also fits the regex:
**/^[a-f]{10}$/**
### Part One
Trying to submit the largest character "f" ten times gave us
```
Sum is: 1020
That's not enough (1020 < 1020)
```
We tried sending special characters in between the f's but nothing worked.
But it seemed the socket was still reading characters after the newline char, and this was not being parsed by the regex, therefore
```
s.send("ffffffffff" + "\n" + "a10bc")
data = s.recv(2048)
print data
```
Worked :) and we got the flag:
```
Sum is: 1314
IW{RUBY_R3G3X_F41L}
```
[See full script here](src/exp50.py)