QUT Whitehats CTF Week_2

Mar 6, 2020 by Kush, Nishchal
Tags: kush notes ctf qut whitehats

Week_2

I spent a good 10 minutes trying to figure out the challenges before reaching for help. Eventually was told that the challenge location was “on the end of our slide deck is a link to katacode, thats where Olliver is doing his Challenges https://www.katacoda.com/0xollie/scenarios/0x01"

Signed up for Katacoda and nativated to the URL.

WARNING: Like all my CTF notes, this contains spoilers.

Challenge 1 - Normal files - 10pts

These are just regular files flag syntax: flag{insert_flag_here}

  • Started the scenario
  • Listed directory contents ls
  • Checked content of welcome file cat welcome
  • Submitted: flag{happy_files}

Challenge 2 - Hidden files - 20pts

These files are a little bit harder to find flag syntax: flag{insert_flag_here}

  • Listed all files (including hidden files) ls -a
  • Manually reviewed the contents of the .here file cat .here
  • Submitted: flah{secret_files}

Challenge 3 - Searching for files - 30pts

You might need to find this flag flag syntax: flag{insert_flag_here}

  • Tried to find any files starting with the pattern flag find / -name flag*
  • Found file /var/log/flag/log
  • Manually reviewed the content of the file cat /var/log/flag.log
  • Submitted: `flag{fido_the_dog}

Challenge 4 - Tar is sticky - 30pts

Eww sticky, cats won’t help you here. flag syntax: flag{insert_flag_here}

  • We already found sticky.tar.gz in /root (Challenge 1)
  • Uncompressed and extracted files from the archive tar zxvf sticky.tar.gz
  • Manually reviewed the root/flag4.txt file cat root/flag4.txt
  • Submitted: falg{tar_untar_sticky}

Challenge 5 - I got a new job - 50pts

Work is pretty stressful, you should check my system logs flag syntax: flag{insert_flag_here}

  • Searched in /var/log/syslog for flag grep -i flag /var/log/syslog
  • Found my_JOB_is_to_hide_flags
  • Attempted submitting that as a flag but failed, the realised that JOB was capitalised
  • Checked cron jobs for self using crontab e
  • Submitted: flag{what_a_cron_job}

Challenge 6 - Hey man checkout my code - 30pts

Like any good developer I use version control flag syntax: flag{insert_flag_here}

  • Unsure of how to progress and decided to checl the
  • Cloned the repo https://github.com/oliverjcollins/flag git clone https://github.com/oliverjcollins/flag
  • Checked files in the repo cd flag/; ls -l
  • Manually reviewed the contents of clever.txt
  • Submitted: flag{git_lost}

Challenge 7 - Let’s get scripty - 10pts

This one isn’t hard to find but you can get a pretty looking shell flag syntax: flag{insert_flag_here}

  • We found ch7.sh already (Challenge 1)
  • Manually reviewed the contents of the script cat ch7.sh
  • Submitted: flag{cool_shell}

Challenge 8 - There’s somebody else here - 100pts

There’s somebody else here, I might be chasing shadows flag syntax: flag{insert_flag_here}

  • Searched for flag in shadow file grep flag /etc/shadow
  • Submitted: flag{shadows_reflect}

After spending a bunch of time typing to find flags to challenges 9 through to 11, realised that flags might not be related to the katacode environment. Found out that the slides for the week 2 session had been released, so started to manually review these, until i found the flag on the elevator and realised that the flags were in the slides

Challenge 9 - Can I Get In Please - 150pts

This ones hidden in plain sight, Amazing what you can uncover in photos! flag syntax: flag{insert_flag_here}

  • Examined all the photos in the slide could not find anything
  • Gave up for a while
  • I had tried to help Lazarus97 with ParrotOS Sec update issue, so Lazarus97 helped me out with saying the hint was similar to “TAFE rooms are easy to get in to” and that zooming and panning is required
  • Found flag in top picture on slide 20
  • Submitted: flag-{let_me_in_let_me_in}

Challenge 10 - Up And Down - 90pts

Going Up and Down is fun when someone does all the work

  • Manually reviewed the week 2 slides
  • Found flag on elevator screen on slide 26
  • Submitted: FLAG{Open_Doors}

Challenge 11 - Rick And Morty - 50pts

Amazing how art can captivate, this will be an exclusive one night flag enjoy :) flag-{flag_syntax_like_this} It is case insensitive for this flag

  • This flag was written on the whiteboard, and thus only available to those who attended the workshop
  • I had helped NinjaGoat out with a couple of challenges, so NinjaGoat helped me out with FLAG{ITS_CLOCK_MORTRY}
  • Submitted: flag-{its_time_morty}

See also