BsidesBOS CTF (26 Sept, 2020)

Samantha
Sep 26, 2020

This was a free-to-join CTF competition hosted alongside the BsidesBoston virtual conference. Only players who bought tickets for the actual conference could win prizes (HackTheBox Pro Labs access), but everyone else could play for fun.

Let’s get started!

A simple warm-up flag! Connect to the rules link and inspect the page source.

The next one I attempted was another warm-up challenge. It starts by having you download an image:

After messing around with it a bit, I noticed that the swirls were in fact letters. You can clearly see an “f” on the left side, it’s just swirled all weird. I searched around a bit online and found THIS article explaining how to unswirl an image.

Apparently you can no longer do this for free in the browser-based version of Photoshop Express, so I downloaded a 30-day free trial of Photoshop Elements, and the exact tool that I needed was greyed out since it was just a trial version! Lol… Oh Adobe…

I know my sister is really good at graphic design, so I messaged her. If she gets back to me by the time the CTF is over, she can unswirl it for me in her paid version.

UPDATE: Sis pulled through and recommended I use GIMP:

She also did it in Photoshop to compare:

Thanks, Virginia! ❤

For this one, I opened it up in a hex editor and saw what looked like Base64:

I put the text in CyberChef and used the Magic function, which revealed this:

Nice! An easy one after getting annoyed with Adobe. Hey, at least now I know about GIMP.

For this one you are asked to connect via nc, where you will see a bash prompt. By typing “exit” you are rewarded for giving up!

I used the following recipe in CyberChef to decode and get the flag:

For this one there is some heavy allusion to using the strings command. So I ran strings in CyberChef and messed around with the settings for quite a bit of time to see if I could spot anything interesting.

Eventually, after setting the strings to a minimum length of 8, you can see this:

If you look at the last letter of each row, you can read the flag vertically. There was a lot of discussion on Discord about how to solve this one. It seemed to cause a lot of frustration.

For this one you are given a link and see an EZ Bake Oven.

I put some cookies in the oven and then checked the actual cookies for the webpage.

We have what appears to be Base64 again. I decoded it using CyberChef and got this:

So what I think I need to do is change the cookie to reflect 119 hours in the past, so that the oven will already be done when I refresh the page. I changed the date to 6 days prior:

I input my new Base64 code here:

Refreshed the page, and then got this!
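
Why the edited cookie worked, and what would have stopped it, as an added example (not code from the challenge or from the original writeup): a server that trusts a Base64-only cookie next to one that verifies an HMAC before reading it. The JSON layout, the `start` field, the bake time and the key are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json

BAKE_SECONDS = 120 * 3600              # constructed bake time, not taken from the challenge
SERVER_KEY = b"constructed-demo-key"   # stands in for a random secret kept server-side


def encode_cookie(start_ts):
    """Weak form: Base64 is an encoding, so the client can rewrite the start time."""
    return base64.b64encode(json.dumps({"start": start_ts}).encode()).decode()


def is_done_unsigned(cookie, now):
    """Trusts whatever start time the browser sends back."""
    start = json.loads(base64.b64decode(cookie))["start"]
    return now - start >= BAKE_SECONDS


def sign_cookie(start_ts):
    """Hardened form: the same payload plus an HMAC-SHA256 tag over it."""
    payload = encode_cookie(start_ts)
    tag = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return payload + "." + tag


def is_done_signed(cookie, now):
    """Recomputes the tag and rejects the cookie before parsing it if it differs."""
    payload, _, tag = cookie.rpartition(".")
    expected = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("cookie integrity check failed")
    return is_done_unsigned(payload, now)
```

Keeping the start time in a server-side session and sending the browser only an opaque session ID removes the problem in the same way.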

The next one I am going to attempt is in the Steganography section. The challenge is almost over though, so hopefully I have enough time to work through it.

We start off with a poster for a BBQ joint:

I recognize this from somewhere, so I did a Google search. It’s definitely the fake restaurant from Mr. Robot. Elliot actually cracks the code on one of these flyers if I am remembering correctly.

Yes, I found a screenshot from the show:

The first thing I did was put it in an online text extractor tool so I could easily copy/paste the numbers:

6 2 26 8 16 21 17 18 3 18 1 17 6 8 3 2 1 14 5 18 17 10 21 18 18 25 15 14 5 5 2 10 20 25 14 13 18 17 10 22 7 21 5 14 22 1 10 14 7 18 5 15 18 6 22 17 18 7 21 18 10 21 22 7 18 16 21 22 16 24 18 1 6 7 21 18 3 14 6 6 10 25 17 22 6 7 10 18 25 25 22 16 24 25 26 18 6 16 7 2

I then used THIS tool to correlate all the numbers with a letter:

F B Z H P U Q R C R A Q F H C B A N E R Q J U R R Y O N E E B J T Y N M R Q J V G U E N V A J N G R E O R F V Q R G U R J U V G R P U V P X R A F G U R C N F F J Y Q V F G J R Y Y V P X Y Z R F P G B

Then I used THIS tool to rotate them into something tangible (ROT13).

S O M U C H D E P E N D S U P O N A R E D W H E E L B A R R O W G L A Z E D W I T H R A I N W A T E R B E S I D E T H E W H I T E C H I C K E N S T H E P A S S W L D I S T W E L L I C K L M E S C T O
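
The two decoding steps above (number to letter, then rotation) as an added Python example, not part of the original writeup. It goes slightly beyond the ROT13 case in the text by trying all 26 rotations and ranking them by English letter frequency; the frequency table is approximate and the function names are this example's own.

```python
import string

# Numbers exactly as listed in the writeup (OCR output, so some may be misread).
NUMBERS = (
    "6 2 26 8 16 21 17 18 3 18 1 17 6 8 3 2 1 14 5 18 17 10 21 18 18 25 15 14 "
    "5 5 2 10 20 25 14 13 18 17 10 22 7 21 5 14 22 1 10 14 7 18 5 15 18 6 22 17 "
    "18 7 21 18 10 21 22 7 18 16 21 22 16 24 18 1 6 7 21 18 3 14 6 6 10 25 17 22 "
    "6 7 10 18 25 25 22 16 24 25 26 18 6 16 7 2"
)

# Approximate English letter frequencies in percent, A through Z.
FREQ = dict(zip(string.ascii_uppercase, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074,
]))


def a1z26(numbers):
    """Map 1..26 to A..Z; reject anything else, which usually means an OCR slip."""
    out = []
    for pos, token in enumerate(numbers.split()):
        if not token.isdigit() or not 1 <= int(token) <= 26:
            raise ValueError(f"token {pos} ({token!r}) is not in 1..26")
        out.append(string.ascii_uppercase[int(token) - 1])
    return "".join(out)


def rotate(text, shift):
    """Caesar-shift uppercase letters forward by `shift` positions."""
    return "".join(chr((ord(c) - 65 + shift) % 26 + 65) for c in text)


def english_score(text):
    """Higher when the letter distribution looks like English."""
    return sum(FREQ[c] for c in text)


def best_rotation(text):
    """Try all 26 shifts and return (shift, candidate) with the best score."""
    shift = max(range(26), key=lambda s: english_score(rotate(text, s)))
    return shift, rotate(text, shift)


if __name__ == "__main__":
    print(best_rotation(a1z26(NUMBERS)))
```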

I tried to split it up, but the last portion descends into gobbledygook:

SO MUCH DEPENDS UPON A RED WHEEL BARROW

GLAZED WITH RAIN WATER BESIDE THE WHITE CHICKENS

THE PASSWLD IS TWELLICK LMES CTO

I worked with it a little bit:

THE PASSWRD IS T WELLICK LMES CTO

I know there was a character named Tyrell Wellick in the show, and he was the temporary CTO of Evil Corp for a little while. But I can’t get what the LMES means. There might be some mistakes with that since the R in password was messed up. Maybe the S is a C for EC or Evil Corp? But I’m not sure what the LM stands for…

I know I was really close here, but unfortunately I ran out of time!

So that’s all I had time for this go around. I wish that the CTF was longer because there were many more challenges I didn’t get a chance to attempt. That’s kinda the thing I like about CTFs though. You look up and hours have flown by. I think they are hours well spent because I am always learning new things.

Happy Hacking ❤
