Someone sent me the bytecode of a smart contrat that lives in the Ethereum blockchain. She told me, the smart contract is very simple: it contains a win() method, that anybody can call. This method takes a string as a parameter. If the string is the flag, it will call "selfdestruct(msg.sender)" to kill itself and send all its money to the sender. Can you find the flag? Here is the bytecode of the contract (as deployed on the blockchain): 606060405260043610610041576000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff16806350f753bd14610046575b600080fd5b341561005157600080fd5b610073600480803568ffffffffffffffffff1916906020019091905050610075565b005b600080602a9150600090505b60178160ff1610156100cf576008810260ff168260ff1669010000000000000000000268ffffffffffffffffff19169060020a02831892506003600783020191508080600101915050610081565b7f737461636b206d616368696e6573206172652066756e2e0000000000000000008368ffffffffffffffffff1916141561010c5781806001019250505b7f0631194a95069d7e012c19795d0c5c4ccd4af1984e45570000000000000000008368ffffffffffffffffff19161415610159573373ffffffffffffffffffffffffffffffffffffffff16ff5b7f3f6c69726874796d20726f202c65746e65796f207972540000000000000000008368ffffffffffffffffff191614156101965781806001019250505b5050505600a165627a7a72305820afb3eeebc91132522b5075e270bcba664967c8ee60857ec0172ba60eb4b264870029 Here is the prototype of the win function: function win(bytes23 flag) I know you are good at doing Cyber™ smart contracts over the blockchain in ze machine-learning cloud. Now is your time.
ToulouseHackingConvention/reverse-palkeo-ethereum
THC CTF 2018 - Reverse - Ethereum - Reverse of an ethereum smart contract