# Break In CTF 2018 Challenge [Web 500pts] | January 22, 2018

**Break In 2018 - Connecting Will**

**Description**

https://felicity.iiit.ac.in/contest/breakin/findingwill/

Will is lost in the Upside-Down and is stuck with the Demogorgon. El is looking for Will, when, she stumbles across a piece of code that Will wrote. The Demogorgon could not decipher the code and hence just left it lying around. El needs your help to find the 2 numbers that can get her the secret key which Will was trying to share. Can you help her?

The website shows a login form with a First Number and a Last Number. From the given source code we can assume that we need to put 2 hashes that have the same value,

In order to solve this challenge we could look for a md5 collision

md5(‘240610708’) ‘s result is 0e462097431906509019562988736854

.

md5(‘QNKCDZO’) ‘s result is 0e830400451993494058024219903391.

0 == 0 when compared with == they give us True

but with this we will not be accessed because we have

```
($hash1 != $hash2)
```

by looking on :

`$hash2 = strtr($hash2, “abcd”, “0123”);`

i use this site to get some hashes who started by

ae ;)

https://md5db.net/explore/ae46

dlhkwp : ae46007dc4407b097dc1d216cd48d15d

‘a’ will be replaced by 0 (0e)

so :

ae46007dc4407b097dc1d216cd48d15d != 0e462097431906509019562988736854

after that a,b,c,d will be replaced by 0,1,2,3

0e46007dc4407b097dc1d216cd48d15d

0e460073244071097321321623483153

and

0e460073244071097321321623483153 equal 0e462097431906509019562988736854 (true)

first number : 240610708

last number : dlhkwp

Success. The flag is BREAKIN{I_Will_Connect}

#0v3n_Sh3ll ❤