Solution uniqueness problem

abstract-sodium · August 13, 2019, 10:16pm

Hi.
I uploaded all 3 ctf and coding solutions. They were not already on their sites’ folders.
Anyway, the Fluid Attacks ranking declares one of my solution is not unique, and I think I know why: I uploaded the OTHERS.lst file of some of my solutions with links with different ways to solve that specific problem (these ways are different from my solution).

What could I do in order for the ranking system to considere my solutions as unique? That way I will be able to request access to Writeups.

Thanks.

hermit-purple · August 13, 2019, 10:38pm

Could you please add the link of the MR in question to clarify?

abstract-sodium · August 14, 2019, 1:10pm

Yes. Thanks. It is https://gitlab.com/autonomicmind/training/merge_requests/2741/ . There, I uploaded an OTHERS.lst file, and it invalidated the uniqueness of my submission.

What could I do?

infinite-loop · August 14, 2019, 2:21pm

This question requieres a pretty deep answer, so here we go:

The uniqueness system was designed to mark a solution as unique only if no others (or others in the same programming language for code) are in the challenge folder.
As one would assume, the algorithm it is not capable of understanding if a others solution is different from a local solution, as others are only links to an external source.
The previous two points make me realize that when we designed this system, assumed that every challenge folder could only be solved in one way… Actually, that is why in VbD challenges, folders must include the CWE code: to grant high granularity.

What would I recommend?: If you think the challenge folder can be split based on what technique was used to solve the same challenge, go for it. That should allow you to have the others you included in separate folders from the one where your solution would be. Just make sure to do this only when there is a considerable difference between the techniques used.

infinite-loop · August 14, 2019, 2:23pm

@roaring-lamport Do you have any thoughts about this?

roaring-lamport · August 14, 2019, 2:30pm

I think @infinite-loop’s answer is certainly the way to go in some cases when alternative solutions need to be considered.

However, for this particular case:

It looks like an honest mistake, so I’d say let us call it unique (even erase the OTHERS.lst in a fix() commit, if need be) and move on.
Even if the OP shot himself in the foot by adding OTHERS to his own challenge, this is one of the most original and interesting challenges I’ve seen in months, after seeing XSS after XSS after not fully exploit SQLi.

abstract-sodium · August 14, 2019, 3:39pm

blue-snot · August 14, 2019, 5:08pm

Uniqueness in code is based on the tuple: challenge-solution-language, not challenge-solution-language-approach.

In the other type of challenges is in the same way, challenge-solution, not challenge-solution-approach. Even if the approach is different, we currently focus on the solution of new challenges, not in solving solved challenges in a different way (approach).

If you solved a non-unique challenge by accident (OTHERs discovered after the fact), is not a problem. Let it in the repo as a solution with a new approach, and focus on a new challenge, unique in the complete sense on the word, or after a few round, another person will find the OTHER and make your solution non-unique.

That’s the beauty of evolution and time.

Topic		Replies	Views
Doubts regarding unique challenges training question	2	405	March 17, 2020
Unique challenge solutions problem training question , guidelines	11	389	March 31, 2021
About challenges hacking training question	11	799	March 14, 2020
Problem with previous submissions' uniqueness training	2	251	July 6, 2021
Abourt unique solutions training question	5	378	March 31, 2020

Solution uniqueness problem

Related Topics