Reversing #1 — Cult Meeting
I started by using netcat to connect to the docker.
After that I checked out the file we were given for download. Looking through, I noticed this line right here:
It looks like I spawned a shell. I was able to look around and saw the flag right away:
Forensics #1 — Wrong Spooky Season
This one is a Wireshark challenge:
If you look through the TCP stream, you can see that eventually they installed socat and did a few other sketchy things:
But if you look through Stream 14, you can eventually see this command here:
They transferred some text in Base64, but it was reversed. From here you can just grab that text and then rev and decode it to get the flag:
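Added example, not part of the original write-up: a small triage helper that pulls Base64-looking tokens out of captured command lines and tries them both as-is and reversed, which generalizes the rev-then-decode step above. The function names, the placeholder string and the sample command lines are constructed for illustration and are not taken from the challenge capture.

```python
import base64
import binascii
import re
import string

# Runs of 16+ Base64 characters. '=' is allowed at either end because a
# reversed string carries its padding at the front, a useful tell on its own.
TOKEN_RE = re.compile(r"={0,2}[A-Za-z0-9+/]{16,}={0,2}")
PRINTABLE = set(string.printable.encode())


def try_decode(token):
    """Return decoded text if token is strict Base64 of printable bytes, else None."""
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return None
    if raw and all(b in PRINTABLE for b in raw):
        return raw.decode("ascii")
    return None


def find_encoded(line):
    """Return (orientation, token, decoded) for each decodable token in line."""
    results = []
    for token in TOKEN_RE.findall(line):
        # Try the token as captured first, then reversed (what `rev` would do).
        for orientation, candidate in (("forward", token), ("reversed", token[::-1])):
            decoded = try_decode(candidate)
            if decoded is not None:
                results.append((orientation, token, decoded))
                break
    return results


# Constructed sample data: a placeholder string, Base64-encoded and reversed,
# placed in a made-up command line next to an ordinary one.
SECRET = "EXAMPLE{constructed_not_a_real_flag!}"
REVERSED_B64 = base64.b64encode(SECRET.encode()).decode()[::-1]
SAMPLE_LINES = [
    "apt-get install -y socat",
    f"echo '{REVERSED_B64}' > /tmp/out.txt",
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        for orientation, token, decoded in find_encoded(line):
            print(f"{orientation}: {token} -> {decoded}")
```

A token without padding can occasionally decode to printable text in the wrong orientation, so treat hits as leads to check by eye.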
Pwn #1 — Pumpkin Stand
I’m going to be honest here, it took me like 30 seconds to solve this and I had no idea what I was doing. I just randomly input some numbers I thought would get me an interesting result.
I didn’t even look at the included downloads.
I was going for a buffer overflow situation, but it looks like it was actually an integer overflow, according to the text from the flag.
Unfortunately I only had time to play the first day of the CTF. New challenges from each category were released every 24 hours. I did have a lot of fun on Day 1 though!