Health Check (Smart City, 200p)

The city has set up a website to test the availability of different services.
The admins are seeing icmp request from the application to internal networks.
This is really strange as it should be able to ping only public IP addresses.
Help them to figure out what is going on.
They have assigned you an internal IP address of 172.20.10.2 to make the ping requests against from the application.
http://envXXX.target03:1343

solution

Website allows to ping "only public addresses".

screenshot of website

Trying 172.20.10.2 results in error "Not a public IP address".

Convert IP address to integer format.

# python3 -c 'import ipaddress; print(int(ipaddress.ip_address("172.20.10.2")))'
2886994434

Trying 2886994434 is successful, as it ping 172.20.10.2 and bypasses "only public addresses" filtering.

Regex bypassed! Flag is: ctftech{iP_nUmB3rz_@r3_4un}

Flag is ctftech{iP_nUmB3rz_@r3_4un}.


Buy Me A Coffee