sCTF 2016 Writeups

ctf Apr 15, 2016

Over the past week, I participated in an online jeopardy-based CTF competition hosted by sCTF. While sCTF is primarily aimed at high school students interested in hacking and infosec, they allowed other competitors to participate for fun. I was surprised at the overall level of difficulty that the challenges offered! Below are a few quick write-ups for the challenges I completed.

rev1

This was the first reverse engineering problem. You were given a binary file, called rev1. Running the binary gives you this:

What is the magic password?

I decided to run strings against the binary, and was given this output:

aaron@ubuntu:~/Downloads$ strings rev1 | less
... GLIBC_2.2.5 
UH- 
fffff. 
h4x0r!!!H
[]A\A]A^A_ 
What is the magic password? 
Correct! Your flag is: %s 
;*3$" 
GCC: (Debian 4.9.2-10) 4.9.2
GCC: (Debian 4.8.4-1) 4.8.4 
... 

Seeing that "h4x0r!!!" looks a bit out of place, I tested that as the flag. Lo and behold, it worked!

Flag: sctf{h4x0r!!!}
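The trailing "H" on "h4x0r!!!H" has a likely explanation, shown in this added example (not part of the original write-up or the challenge's code): an 8-byte string fits in one 64-bit immediate, so a compiler can emit it inside a movabs instruction, and the next instruction's REX.W prefix (0x48) is the ASCII letter "H". The byte sequence below is constructed to illustrate that layout and is an assumption about rev1, which was not inspected here; the function names are hypothetical.

```python
import re

MIN_LEN = 4  # GNU strings' default minimum run length


def printable_runs(data: bytes, min_len: int = MIN_LEN):
    """Return (offset, text) for each printable-ASCII run, like `strings -t d`."""
    pattern = re.compile(rb"[\x20-\x7e\t]{%d,}" % min_len)
    return [(m.start(), m.group().decode("ascii")) for m in pattern.finditer(data)]


def movabs_ascii_immediates(data: bytes):
    """Find `movabs r64, imm64` (REX.W + B8..BF) whose immediate is all printable."""
    pattern = re.compile(rb"[\x48\x49][\xb8-\xbf]([\x20-\x7e]{8})")
    return [(m.start(1), m.group(1).decode("ascii")) for m in pattern.finditer(data)]


def build_sample() -> bytes:
    """Constructed x86-64 fragment: a password built on the stack, then .rodata."""
    secret = b"h4x0r!!!"               # exactly 8 bytes: one 64-bit immediate
    code = b"\x55\x48\x89\xe5"         # push rbp; mov rbp, rsp
    code += b"\x48\xb8" + secret       # movabs rax, "h4x0r!!!"
    code += b"\x48\x89\x45\xf0"        # mov [rbp-0x10], rax  (0x48 prints as 'H')
    code += b"\xc6\x45\xf8\x00"        # mov byte [rbp-0x8], 0  (NUL terminator)
    code += b"\x5d\xc3"                # pop rbp; ret
    rodata = b"What is the magic password?\x00Correct! Your flag is: %s\x00"
    return code + b"\x00" * 8 + rodata


if __name__ == "__main__":
    sample = build_sample()
    print("printable runs (what strings reports):")
    for offset, text in printable_runs(sample):
        print(f"  {offset:4d}  {text}")
    print("printable movabs immediates (the string without the stray byte):")
    for offset, text in movabs_ascii_immediates(sample):
        print(f"  {offset:4d}  {text}")
```

The same scan is useful before shipping a binary: any comparison secret compiled in as a literal or an immediate shows up in one of the two lists.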


Banana Boy

This was the first forensics challenge. You were given a rather curious image of a toddler eating a banana, called carter.jpeg.

The first thing I checked was the metadata. Unfortunately, EXIF data did not turn up anything interesting. From this point I could conclude that a steganographic technique was used to hide the flag within this image. After some research, I stumbled upon an image analysis program called Stegsolve. I loaded up our image and played around with some of the analysis tools provided.

After messing around with the program, I used the "Frame Browser" utility. To my surprise, there were 2 frames! The second frame (shown below) reveals the flag, and Michael Cera.

Flag: sctf{twf_d4nk_m3m3s_w1ll_a1w4y5_pr3v4il}

Aaron Hoffmann

I do cool stuff with computers sometimes
