CTF WriteupsJoepardy

CipherTextCTF v2 Writeups Misc

fiasco

Solution:

After downloading the file use ‘file’ command to know that this
file is a zip file, add ‘.zip’ after its name and extract the images
then rearrange and merge them into one image (names and sizes
of files don’t matter or refer to there order ) you will get a QR
code and by scanning it you will get this URL:
http://ec2-18-217-40-45.us-east-2.compute.amazonaws.com/fiasco/flag.php
after some information gathering and with the use of the P.S. in
the description you realize that “flagID” can be used to make a
GET request, the page content will change to “Naah thats not the
number” so we can start a brute force of numbers to find the right
GET request value which is 97 and a download of a zip file will
start. So, after trying to extract the zip file you will be asked to
insert a password which is “hotdog” and can be brute forced using
rockyou.txt passwords list. After extraction you will get an exe file
run it on a terminal or a CMD to get your flag after 30 seconds.
If you can’t wait you can use some reverse engineering skills to
know that this file is a compiled go-lang file so decompile it to
read the flag.
Or use ‘strings’ command to read the flag

Audible

Solution:

After download the song , there’s mixed sound on it ~2:07 . you need to know the original song ( common song ) “Dance Monkey” , so download it from youtube ( we add a hint for exact video )

https://www.youtube.com/watch?v=K3yqlF_8Qt8

to make it silent we need to invert original song, it’s noise cancellation mechanism.

Add original song , select it and Effect -> invert , then start from beginning.

Message: hello folks someone leave this message for you CTCTF{noise_cancellation_always_make_difference}

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close