Open Pit
========

# Author
Stäbchenfisch

# Challenge Text
I can't stand these craters that surface mines put in our landscape. It's time to stop them. I've managed to acquire the software running on their servers. Maybe you could use that to get in and disturb their operations?

# Challenge Idea
Use timing information leaked by a hidden profiler to recover an aes key. (crypto + reversing)

# Status
Ready with working exploit

# Reviewers
dezk, pspaul (I think. Don't know the names that well yet :P)

# Setup
Compiling the Sources:
```
meson build
ninja -C build
strip build/open_pit
```

The resulting binary is needed for deployment *and* should be published with the challenge.

Run the binary:
```
socat tcp-listen:1337,reuseaddr,fork exec:"./open_pit"
```

# Administration
## Hardware Requirements

- Number of cores: 4
- RAM: 1 GB

## Environment / Permissions
- Distro: Arch
- Requires write access to /tmp: no

# Solution
See solution/automated_attack.py

# Difficulty
Medium

# Flag
flag{If_coal_is_so_bad_for_the_environment_why_dont_we_just_burn_it_all?!?}