Gitzino was the 400-point crypto problem for Ghost in the Shellcode 2014. It looked like a standard “predict-the-RNG” problem: there’s a PRNG, a card game, and hopefully the output it gives you provides enough data about the internal state of the PRNG to predict the future and win the game repeatedly.
But that’s not how we solved it.
There are some things that work depressingly often in computers that would never work in real life. One of them showed up in the game: buy -1 of an item, and gain the currency corresponding to that item. In this case, we determined that we could bet a negative number of “gitscoins” on the outcome of the game, and then just send it a “random” deck and secret. Then, probably, we would lose the game and receive the gitscoins we had bet.
So, how did we do it?
- Learn about Provably Fair
- Check Balance
- Play Video Poker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
3
Bet:
-99999
Our Secret_hash is 561c888f74113747c47aa16aa160fa0f201386d5d623361e4210342e26f9424c
Please supply your suffled deck
0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOP
The deck you supplied is 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOP
Supply your secret (up to 256 bytes)
AAAAAAAAAAA....[truncated]...AAAAAAAAAAAAAAAA
Your starting hand is 5cQc5d7c4s
Which cards would you like to return?
Your ending hand is 5cQc5d7c4s
The seed for our shuffle is 2cab6a463928d9395cfc7132de8283c2f5d6e258178ee0aa4f85bd8ea07158e8
[Nothing...]
Rinse and repeat until you get enough Gitscoins. Occasionally you will accidentally win, but in general this should work.
Key was:
The key is: Twister? I hardly knew her