DEF CON CTF Qualifier 2014 :: hackertool

Posted on by and filed under DEF CON CTF Qualifier 2014.

hackertool had a torrent with a single large file: every_ip_address.txt. After downloading a few chunks, I opened it in a text editor and found that it the file was a consecutive list of IP addresses going from 0.0.0.0 to (presumably) 255.255.255.255.

Instead of waiting for it to download, Alex Lynch had the idea for us to generate it instead. We both coded IP address hashers, pitting his Ruby script against my C program. Naturally, the C code won.

The flag for this challenge is the checksum that is printed out after running this program. 

# include <stdlib.h>
# include <stdio.h>
# include <string.h>
# include <openssl/md5.h>
 
int main (int argc, char **argv) {
    MD5_CTX ctx;
    MD5_Init(&ctx);
 
    int i,j,k,l;
    for (i=0; i < 256; i++) {
        for (j=0; j < 256; j++) {
            for (k=0; k < 256; k++) {
                for (l=0; l < 256; l++) {
                    char addr[17];
                    if (i == 256 && i == j && j == k && k == l) {
                        snprintf(addr, 17, "%d.%d.%d.%d", i,j,k,l);
                        MD5_Update(&ctx, addr, strlen(addr));
                    }
                    else {
                        snprintf(addr, 17, "%d.%d.%d.%d\n", i,j,k,l);
                        MD5_Update(&ctx, addr, strlen(addr));
                    }
                }
            }
        }
        printf("Finished %d.0.0.0/8\n", i);
    }
 
    unsigned char digest[33];
    MD5_Final(digest, &ctx);
 
    char md5string[33];
    for (i = 0; i < 16; ++i) {
        sprintf(&md5string[i*2], "%02x", (unsigned int)digest[i]);
    }
 
    printf("%s\n", md5string);
 
    return 0;
}