Bsides Dublin CTF

This is my account of my first CTF. It started at 10:30am or so. Having had no previous experience with CTFs, this CTF really hooked me into the world of competitive hacking. I'll only be talking about the problems I solved here.

BSides Dublin

I ended up in 27th place, which I am very happy with. Without further ado:

Problem 1

The first problem was trivial. Navigating to his profile, it was easy to find the talk he was attending.

Problem 2

This one was a bit of a pain. Looking at the building on the right, it was just barely legible to make out that it is called "Botanero". Taking to Google Maps, and accounting for the style of the streets, I eventually found that the flag was Cancun in Mexico.

Problem 3

I'm quite proud of my solution for this. Inside the .zip file, there were 6000 files, of which only one contained the flag. I sorted the files by size in the Explorer, and bam. The biggest file contained the flag.

Problem 4

This problem involved transcribing the audio file from Morse code to text. The result was base64 encoded, and just decoding this gave the next flag.

Problem 5

This instance leads the user to a page with a login form taking 4 numbers. In the absence of rate limiting, I bruteforced the combination using OWASP ZAP and the four-digit-number wordlist from Seclists on Github. Sorting the responses by length, I was able to find the correct code, and this gave me my next flag.

Problem 6

I didn't solve this problem, but I spent the most time on it so I am including it here.The .7z file, when unpacked, yielded a word document. A password login prompt appeared, and using the password "password" worked.

I spent a long time figuring out each value. The first three values were MD5 hashes. Using Crackstation, they yielded "water", "toast" and "butter". This is, of course, a recipe for onion soup, written in German. The next value was base64-encoded, which spelled out "broth". Then came the Caeserian ciphers - I figured those out by the repeating letter "c" in the second string, which usually implies that a Caeserian cipher is present. The next was ROT13 encoded. The second-to-last was encoded in LEET. I spent a long time on the last one, but I couldn't figure it out.

Turns out, all of the ciphers I had solved were decoys. The last address was a web address for a .onion domain, whose source code showed the flag for this problem.

I don't think I can look at onion soup the same way ever again.

I had a lot of fun doing these problems - I'm not very good at CTFs yet, which is no wonder, but this definitely won't be my last. I look forward to Bsides Dublin 2022, which I can hopefully attend in person.

Show Comments