# Pbjar CTF 2021

## Polymer

> **Description**
>
> I learned in my biology class that a polymer is a chain of monomers that can sometimes form long strings of molecules.

{% file src="<https://980792987-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Md9Bzo_DCKomMglV10a%2F-MjpGLr-lUQAur0IrJN1%2F-MjpJY-iDv7zmXNGhrwT%2Fpolymer.zip?alt=media&token=400d6ece-2363-47fb-82c1-c87c2d8c453a>" %}

**Solution**

So doing a `strings polymer | grep flag{ > outs.txt` give 425 lines with a lot of flag{n0t\_th3\_fl4g\_l0l}\
Replacing the fake flag with space and running `strings outs.txt > | grep flag{` \
`mr. i'll ask you what the real flag is flag{ju5t_4n0th3r_str1ng5_pr0bl3m_0159394921} think we'd all like to know.`

**Flag: flag{ju5t\_4n0th3r\_str1ng5\_pr0bl3m\_0159394921}**

## **Miner**

> **Description**
>
> Block #11834380 on the Ethereum Blockchain was mined on Febuary 11th at 9:12:59 AM UTC. What is the address of the miner who validated this block? Flag format: flag{0x0000000000000000000000000000000000000000}

**Solution**

<https://etherscan.io/block/11834380>

**Flag: flag{0xd224ca0c819e8e97ba0136b3b95ceff503b79f53}**

## readFlag1

> **Description**
>
> The address of my new smart contract is 0xf0674CD7D1C0c616063a786E7d1434340E09BadD, the flag is inside it, and the code is published on Etherscan. Important: This smart contract is on Ropsten

**Solution**

We start out with the hint of going to Ropsten and viewing the [address](https://ropsten.etherscan.io/address/0xf0674CD7D1C0c616063a786E7d1434340E09BadD). One of the entries says readFlag1. Moving over to the [contract](https://ropsten.etherscan.io/address/0xf0674CD7D1C0c616063a786E7d1434340E09BadD#code) tab we can see the flag is in the code.

**Flag: flag{etherscan\_S0urc3\_c0de}**

## readFlag2

> **Description**
>
> I have republished the previous the contract at 0x585C403bC5c7eb62BF3630c7FeF1F837603bA866, but this time no source code for you this time. Luckily, the ABI of the smart contract is the same as the previous one. Figure out how to "get()" the flag. Important: This smart contract is on Ropsten

**Solution**

First of all, I knew it wasn't going to be like the other problem but still attempted the same route to be disappointed. I then go to[ internal Txns](https://ropsten.etherscan.io/address/0x585C403bC5c7eb62BF3630c7FeF1F837603bA866#internaltx) and click on the link of where it is from. Then seeing that has a contract click on it. Then [reading the contract](https://ropsten.etherscan.io/address/0x280e7ea40d03f36a430effd3bcaf2ffa0a62e151#readContract) to find the string is the flag.

**Flag: flag{web3js\_plus\_ABI\_equalls\_flag}**

## readFlag3

> **Description**
>
> 0xe2a9e67bdA26Dd48c8312ea1FE6a7C111e5D7a7A. Important: This smart contract is on Ropsten

**Solution**

Searching it and looking at the [contract ](https://ropsten.etherscan.io/address/0xe2a9e67bdA26Dd48c8312ea1FE6a7C111e5D7a7A#code)all you have to do is go to the code and scroll down to the bottom where the Constructor arguments segment.

**Flag: flag{s3t\_by\_c0nstructor}**

## ReallynotSecureAlgorithm

> Description
>
> Here's the obligatory problem!!!

Solution

Flag:

## TechLead

> **Description**
>
> Infamous YouTuber, and ex-Google / ex-Facebook TechLead found a quick way to make a few million dollars of a crypto scam (as a millionare). He created the ERC-20 token Million (MM), and started promoting it on his social media platforms. The deployer address of the Million token smart contract is the personal address of TechLead, what is the highest historical Ethereum balance of his personal address? Million Token: <https://coinmarketcap.com/currencies/million/> Flag format: flag{0.006942069420}

**Solution**

First going to the website we can find TechLead's address by clicking holders and see the top address. Then analytics chart on that address shows the flag.

<https://etherscan.io/address/0x5922b0bbae5182f2b70609f5dfd08f7da561f5a4#analytics>

**Flag: flag{1.4625790953780384}**

## MEV

> Description
>
> The miner of Block #12983883 on the Ethereum Blockchain partakes in the common practice of MEV. What is the exact amount of Ether that was transfered to the miner as a bribe from the transaction that was included first in this block? Info about MEV: <https://ethereum.org/en/developers/docs/mev/> Flag format: flag{0.006942069420}

Solution

Start by going to Etherscan and finding the specific [block](https://etherscan.io/block/12983883).  Then selecting the transactions and the first \[last entry] of the transaction should be by a MEV Bot. Selecting the [internal Txns](https://etherscan.io/tx/0xddb777fbc72b8c3f31f687e302412c2f663b704bcf2faab5d938cd3f9c8b41f8#internal) we can see the value which is the amount of the taxes.

**Flag: flag{0.009672680170055358}**

## Not Baby

> Description
>
> a

Code Given

```
from Crypto.Util.number import *

with open('flag.txt','rb') as g:
    flag = g.read().strip()

with open('nums.txt','r') as f:
	s=f.read().strip().split()
	a=int(s[0])
	b=int(s[1])
	c=int(s[2])


e=65537
n=a**3+b**3-34*c**3
m=bytes_to_long(flag)
ct=pow(m,e,n)

print ("n: ",n)
print ("e: ",e)
print ("ct: ",ct)
```

Solution