Post

TCP1P-CTF 2023 - Venue

Posted
By Nolliv22 2 min read

Description

Category: Blockchain

Author: Kiinzu

Look at the Amazing Party Venue So do you wish to enter?

contract: 0x1AC90AFd478F30f2D617b3Cb76ee00Dd73A9E4d3

provider: https://eth-sepolia.g.alchemy.com/v2/SMfUKiFXRNaIsjRSccFuYCq8Q3QJgks8

Priv-Key: Please use your own private-key, if you need ETH for transact, You can either DM the Author, or get it by yourself at https://sepoliafaucet.com/

Attachments:

Solution

1. Overview

To get the flag, we need to call the function enterVenue():

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

contract Venue{
    string private flag;
    string private message;

    constructor(string memory initialFlag, string memory initialMessage){
        flag = initialFlag;
        message = initialMessage;
    }

    function enterVenue() public view returns(string memory){
        return flag;
    }

    function goBack() public view returns(string memory){
        return message;
    }
}

From the hint (101.txt) I know that I need to use a tool in order to call the function:

1
2
3
4
5

Feeling Confuse?

Here's how you can attempt this challenge
First thing first you need to know what the code does,
then you need to write a code using web3.js or web3.py

I used web3.py for the rest of the challenge.

2. Connect to the provider

Providers - web3.py documentation

First we need to connect to the blockchain:

1
2
3

from web3 import Web3

w3 = Web3(Web3.HTTPProvider("https://eth-sepolia.g.alchemy.com/v2/SMfUKiFXRNaIsjRSccFuYCq8Q3QJgks8"))

3. Compile the contract

Contracts - web3.py documentation

To interact with the smart contract on the blockchain, we need to compile it:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

from solcx import compile_source

compiled_sol = compile_source(
    '''
    // SPDX-License-Identifier: MIT
    pragma solidity ^0.8.13;

    contract Venue{
        string private flag;
        string private message;

        constructor(string memory initialFlag, string memory initialMessage){
            flag = initialFlag;
            message = initialMessage;
        }

        function enterVenue() public view returns(string memory){
            return flag;
        }

        function goBack() public view returns(string memory){
            return message;
        }
    }
    ''',
    output_values=['abi', 'bin']
)

contract_id, contract_interface = compiled_sol.popitem()

abi = contract_interface['abi']

Once compiled, we can interact with the contract on the blockchain:

1

contract = w3.eth.contract(contract_address, abi=abi)

4. Call the function

Now we can interact with the contract, we can call the function that returns the flag:

1
2
3

contract.functions.enterVenue().call()

# 'TCP1P{d0_3nj0y_th3_p4rty_bu7_4r3_y0u_4_VIP?}'

TCP1P{d0_3nj0y_th3_p4rty_bu7_4r3_y0u_4_VIP?}

Writeups, TCP1P-CTF 2023
Blockchain
This post is licensed under CC BY 4.0 by the author.