Juggling (bronze, 50p)

Flaw in source code of a web application will allow you retrieve the flag from https://10.XX.32.95:1005/.
It prints the flag when MD5 hash of input data is considered equal to the data itself.
What is the flag printed by the application?


Webpage asks to find a text string, where MD5 digest is equal to itself.

screenshot website

Looking at source, there is a hint that source.txt is available.

<!doctype html>
<html lang="en">

    <meta charset="utf-8">
    <link href="css/bootstrap.min.css" rel="stylesheet" id="bootstrap-css">
    <script src="js/bootstrap.min.js"></script>
    <script src="js/jquery.min.js"></script>
    <link href="css/style.css">

    <div class="container"><br><br>
  <div class="title h2">Find a text string where  MD5 digest equal to itself!</div><hr>
  <form id="form" class="form" action="/index.php" method="POST">
            <div class="form-group">
                <input type="text" name="md5" class="form-control" placeholder="Text string goes here" required>
            <div class="form-froup">
                <input type="submit" name="submit" class="btn btn-success btn-md col-md-12 pull-right" value="Compare">
            </form><!--<a href="source.txt">Source</a>-->

Looking source.txt reveals exactly the same what is asked in webpage, - return flag only when md5 of provided text is equal to itself.

if (isset($_POST['md5']))
    if ($md5==md5($md5))
        echo "dedacted content of a flag";
        echo "<br><div class=\"h3\"><center><span style=\"color:red\">Sorry, '",htmlspecialchars($md5),"' not the same as ",md5($md5)."</span></center></div>";

This challenge explores well-known PHP issue - type juggling and magic hashes. Using one of provided examples, e.g., 0e215962017, flag is retrieved.

Flag: 9e0cd0bd-5e15-4934-85a5-65a6e52ca90e