Olympic CTF Sochi 2014 CURLing100 writeup

Flag is out there: http://[2a02:6b8:0:141f:fea9:d5ff:fed5:XX01]/

All we need is a IPV6 connectivity and a script to query all XX01 addresses

I used gogoclient which offers an IPv6 over IPv4 tunnelling, you can test your connectivity with http://ipv6-test.com/

The script :

?php
session_start();
$p = "http://[2a02:6b8:0:141f:fea9:d5ff:fed5:";
$s = "01]/";
$f1 = array("a","b","c","d","e","f","0","1","2","3","4","5","6","7","8","9");
$f2 = array("a","b","c","d","e","f","0","1","2","3","4","5","6","7","8","9");
$url = "http://";
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$myFile = "ipv6.txt";
$fh = fopen($myFile, 'a') or die("can't open file");
foreach($f1 as $c1)
foreach($f2 as $c2)
{
   $url = $p.$c1.$c2.$s;
   echo "fetching url = ".$url;
   curl_setopt($ch, CURLOPT_URL, $url);
   $result = curl_exec($ch);
   $dump = "ip =".$url." result=".$result."
";
   fwrite($fh, $dump);
   echo $dump;  
 }
fclose($fh);
?>

The flag is at http://[2a02:6b8:0:141f:fea9:d5ff:fed5:6901]/ which is CTF{7a0dd6d4556a7ed60e6f7686eae0590d}