warsaw's Sorting Server CTF

This is a server which is designed to sort numbers for people. However, it contains a subtle design flaw which allows recovery of the secret flag.

Your goal is to figure out a way to steal the flag by interacting with the server remotely.

Difficulty: 4 - Needs special knowledge
Platform: Multiplatform
Language: Python

Published: 20. Apr, 2013
Downloads: 189


Votes: 3
Crackme is quite bad.


There are no solutions to this crackme yet. Have you solved it? Please write a tutorial and submit it here!

Discussion and comments

01. May 2013
Would the author post the solution?
18. Aug 2013
Hint: It's not a timing attack. There's a much easier way to do it.
19. Aug 2013
I can't even get it to start as it states an error:

File "", line 111
return {k:v[0] for k,v in params.items()}
SyntaxError: invalid syntax

Am I using a wrong python version or is it not supposed to be run via "python"?
27. Aug 2013
You're probably using Python 2.6. You need 2.7
27. Aug 2013
You'll also need to supply your own flag.txt of course
04. Sep 2013
As you stated it isn't a timing attack, so I am somewhat lost. The only interaction possible is via the sorting algorithm. It chooses the same pivots every time, but as there is no other output than the sorted list, I have no idea as to how to guess the seed of the pivot random number sequence.
22. Oct 2013
Hint: Why is recursion problematic in Python?
27. May 2015
The goal is to get the message: Correct! ?
27. May 2015
the goal is to access the server in such a way that the integer key (in flag.txt) is revealed, no matter what value it is

example queries are given in the python comments

your solution should contain the magic query and an explanation of how it was derived
Extreme Coders
29. May 2015
By providing a specially crafted input it is possible to overflow the recursion, but how this affects revealing the key has yet to be explored.

Note: I am not talking about inputting an insanely large list of numbers ;)
