This is the last installment of my Archive Writeup CTF.
Here's the map if you somehow want to access all of the series: The map
The gap is pretty long I know, but actually I've done Wargames.my 2019. This is a team ctf but when competition comes, everyone busy AF so I ended up doing this ctf alone for 2 days in my dorm room.
I did not get any points from the effort but granted with my skills at that time, I was bound to get nothing. So, no use for me to document a CTF where my "team" got 0 point
Instead, I will document F-Secure CTF 2020. This is I think the first CTF that usually physical i.e. my team have to go to security lab and go compete from there but hosted online due to the current Pandemic which is still on by the time of writing
Here's the logo:
Ok, It all started with a poster that sadly unrecoverable advertising this CTF. This is pretty annual thing in my uni where we send teams to participate in this CTF each year and yea, I also registered my team in this CTF.
Now originally, this CTF supposed to take place in March:
But got delayed to June:
So yea, there's that. Now, for the fun stuff. Did my team qualify?
If solving only 2 challenges is enough to qualify then man, that year's team sucks(for this specific CTF not like big scale like DEFCON)
My team did not qualify as per expected.
Here are the two challenges that we can scrape points:
1) What_Is_Vinegar
-> This falls into the cryptography category.
We will get this when opening the .txt file given:
Here's the info that we've got so far:
Type of cipher> Vigenere Cipher (This is the only cipher with V)
Key of the cipher > cyber (just pulled random from the CTF title)
So, we use Cyptii to solve this cipher:
2) Esoteric (I don't remember the name specifically so yea, there's that)
We will get an Esoteric.bin file that contains this:
If you can see in the highlighted box there, I've pointed out that those are Brainfuck scripts.
Now, what is Brainfuck for those first time listening to em'?
Brainfuck is one type of esoteric programming language meaning that we don't use this language in production.
Why? ok, here's the Brainfuck script to print "Hello World"
for comparison, here's print hello world in python (the most famous programming language according to Google):
It is too damn long to be used properly and also the syntax weird hence the "esoteric" part
But if you want to diss people class fully, you can use this language like this:
nobody can detect that language, lol.
Here are links for you to dive into this world of Brainfuck:
https://blog.klipse.tech/brainfuck/2016/12/17/brainfuck.html (the explanations)
https://andrew.hedges.name/experiments/brainf_cker/ (Brainfucker encoder)
https://www.dcode.fr/brainfuck-language (the decoder) > we will use this one
Remember, delete the hex and | part to get this script:
--[----->+<]>.+++++++++++++.+++[->+++<]>.[--->+<]>----.+++[->+++<]>++.++++++++.+++++.----------.--[--->+<]>-.+[->+++<]>+.+++++++| |+.--------.-[---| |>+<]>+++.---[->+|
|++<]>.+++.++++++|
+++++++.++++++.
Run em' into the decoder and we got this:
the flag here is fsbrainduckcyberx
Those are the only challenges that my team can settle in this CTF.
Now quick recap, what do we learn?
you're welcome😉
Comments
Post a Comment