Skip to content
/ unsafeTicks Public

A hacking challenge written as part of the binary hacking practical at Heidelberg university

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

JulianFP/unsafeTicks

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

67 Commits
.vscode
.vscode
 
 
Documentation
Documentation
 
 
client
client
 
 
server
server
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
run.sh
run.sh
 
 
shell.nix
shell.nix
 
 

Repository files navigation

SafeTix

A hacking challenge written as part of the binary hacking practical at Heidelberg university, created by Alexander Mattingley-Scott and Julian Partanen.

About this project

This project was inspired by this blog post that goes through the authors journey of reverse engineering TicketMaster's rotating barcodes named SafeTix.

We build our own project that has the same foundational vulnerability however requires very different tooling and know-how to exploit it (digging into a binary instead of an Android web app). This project is meant to be a CTF-like challenge except that the flag is not some meaningless string but instead the cracked, exportable ticket.

About the challenge

The goal is to extract the ticket from the client so that you could give it to a friend, sell it or import it into your own client. This extracted ticket should stay valid indefinitely and you should understand how the barcode is generated from this ticket. Please follow the following guidelines while trying to solve the challenge:

  • This project has a server and a client component. For the sake of the challenge the server component will also run locally on your machine. Please pretend as if the server where to run on another machine outside of your control. This means don't touch the servers process, its environment, etc. Traffic analysis e.g. with Wireguard however is allowed if you want to do that (since that would also be possible if the server didn't run on your machine)
  • Please do not change the command line arguments provided to the client (the ./run.sh script will tell you the command you should run to start the client)
  • Do not look at any file other than the binary for the client, the run.sh bash script (you don't need to understand that script to solve the challenge, but maybe you want to read it anyway before running it) and this README.md file
  • Other than that everything is allowed, go nuts!

Instructions

Clone repo:

git clone https://github.com/JulianFP/unsafeticks.git

Change directory and run script

cd unsafeticks

./run.sh

Please note that the run.sh script assumes that you have either the apt or the nix package manager installed (nix can be installed on any Linux distro, the script uses nix-shell). If you are on a system where you have neither available and don't want to install nix then you'll have to read the bash script and figure out how to do what the script does manually.

Have fun!

About

A hacking challenge written as part of the binary hacking practical at Heidelberg university

Topics

challenge flask cpp hacking ctf-challenges ticketmaster binary-hacking

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Contributors 2

  •  
  •  

Languages