Nullcon HackIM 2017 - prog300-jio-geo_challenge

Do you think you can win this Jio-Geo challenge ?
52.90.9.177:33333

Solution

Well, wtf is Jio-geo? i don't know.. search engine doesn't help.. and why only a few teams solved this challenge?

After a few tries I figured out that I need to send a message containing my unique signature(md5 hashed), then the server register 1 hit from my IP/Country.

What I need to do is hit the server w/ my unique signature from 40 different countries!

Doing a test with some proxies i was able to confirm this.

So, where will I find 40 working connections(socks) from different countries without spending money?

There are 196 countries in the world today.

This type of challenge that involves the mastery of external resources does not attract many people, but I like it very much because it is very common in real situations.

Using Tor

My first idea is Tor.

Editing /etc/torrc you can force Tor to choose exit nodes by country:

ExitNodes {ua},{br},{us},{ie}  
StrictNodes 1  
Country                               Abbrev  
ASCENSION ISLAND                      {ac}  
AFGHANISTAN                           {af}  
ALAND                                 {ax}  
ALBANIA                               {al}  
ALGERIA                               {dz}  
ANDORRA                               {ad}  
...

Full countrycode list here

Enable/use ControlPort to change exit node on the fly:

printf "AUTHENTICATE \"yourpassword\"\r\nSIGNAL NEWNYM\r\n" | nc 127.0.0.1 9051  

..or w/ a simple service tor restart

I've scripted this into a loop and almost works.. with Tor I was able to solve half the challenge 28/40

Also discovered that it is very difficult to find working exit nodes in more than 25 countries..

https://torstatus.blutmagie.de/ can help you to find countries w/ working exit nodes (move the mouse over the flag icon, that is the country code to use at torrc)

Finishing the work w/ free Socks proxy list

At this point we need more 12 countries, so I had the idea of using a free/public Socks Proxy list organized by countries and eventually some would work..

Found this one http://www.gatherproxy.com/proxylistbycountry provided by GatherProxy

Manually and slowly I was able to finish the challenge.

FLAG: flag{I_am_a_global_citizen}

Full code

References