sCTF 2016 Writeups
Over the past week, I participated in an online jeopardy-based CTF competition hosted by sCTF. While sCTF is primarily aimed at high school students interested in hacking and infosec, they allowed other competitors to participate for fun. I was surprised at the overall level of difficulty that the challenges offered! Below are a few quick write-ups for the challenges I completed.
rev1
This was the first reverse engineering problem. You were given a binary file, called rev1. Running the binary gives you this:
What is the magic password?
I decided to run strings against the binary, and was given this output:
aaron@ubuntu:~/Downloads$ strings rev1 | less
... GLIBC_2.2.5
UH-
fffff.
h4x0r!!!H
[]A\A]A^A_
What is the magic password?
Correct! Your flag is: %s
;*3$"
GCC: (Debian 4.9.2-10) 4.9.2
GCC: (Debian 4.8.4-1) 4.8.4
...
Seeing that “h4x0r!!!” looks a bit out of place, I tested that as the flag. Lo and behold, it worked!
Flag: sctf{h4x0r!!!}
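As an added example (not part of the original writeup or the challenge files), the Python sketch below shows why the password surfaces as "h4x0r!!!H" in the strings output: assuming the binary loads it as an 8-byte immediate, the next instruction's first byte (0x48) is printable and gets glued onto the run. The sample bytes and the function names are constructed for illustration.

```python
import re

# Constructed bytes (not taken from rev1). Assumed x86-64 encoding of:
#   movabs rax, 0x2121217230783468   -> 48 b8 + "h4x0r!!!" (little-endian)
#   mov    [rbp-0x20], rax           -> 48 89 45 e0
# followed by NUL-terminated strings as they would sit in .rodata.
SAMPLE = (
    b"\x48\xb8" + b"h4x0r!!!" + b"\x48\x89\x45\xe0"
    + b"\x00What is the magic password?\x00Correct! Your flag is: %s\x00"
)

# Printable ASCII plus tab, which is what strings(1) treats as text.
PRINTABLE_RUN = rb"[\x20-\x7e\t]{%d,}"

# REX.W (48/49) + opcode b8..bf = "mov r64, imm64"; capture the immediate
# only when all 8 bytes are printable. Heuristic scan, not a disassembler.
MOVABS = re.compile(rb"[\x48\x49][\xb8-\xbf]([\x20-\x7e]{8})")


def extract_strings(data: bytes, min_len: int = 4) -> list[str]:
    """Return printable runs of at least min_len bytes, like strings(1)."""
    pattern = re.compile(PRINTABLE_RUN % min_len)
    return [m.group().decode("ascii") for m in pattern.finditer(data)]


def movabs_immediates(data: bytes) -> list[str]:
    """Return 8-byte printable immediates without neighbouring opcode bytes."""
    return [m.group(1).decode("ascii") for m in MOVABS.finditer(data)]


if __name__ == "__main__":
    # The run includes the trailing 'H' (0x48) from the following instruction.
    print(extract_strings(SAMPLE))
    # Decoding the instruction boundary recovers the exact 8 characters.
    print(movabs_immediates(SAMPLE))
```

The same scan is a quick audit step for your own builds: any secret compiled into a binary, whether in .rodata or as an instruction immediate, is recoverable this way.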
Banana Boy
This was the first forensics challenge. You were given a rather curious image of a toddler eating a banana, called carter.jpeg.
The first thing I checked was the metadata. Unfortunately, EXIF data did not turn up anything interesting. From this point I could conclude that a steganographic technique was used to hide the flag within this image. After some research, I stumbled upon an image analysis program called Stegsolve. I loaded up our image and played around with some of the analysis tools provided.
After messing around with the program, I used the “Frame Browser” utility. To my surprise, there were 2 frames! The second frame (shown below) reveals the flag, and Michael Cera.
Flag: sctf{twf_d4nk_m3m3s_w1ll_a1w4y5_pr3v4il}