Notes
We've designed this CTF to be accessable to all levels of experiance and skill. There are 3 stages to the CTF. Each stage has a unique FLAG which is formattted as follows: FLAG{xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
1: http://ctf.bsides.london.2019.pwndefend.com/
.... - - .--. ---... -..-. -..-. ... - .- --. . .---- .-.-.- -... ... .. -.. . ... .-.-.- .-.. --- -. -.. --- -. .-.-.- ..--- ----- .---- ----. .-.-.- .--. .-- -. -.. . ..-. . -. -.. .-.-.- -.-. --- -- -..-.
http://stage1.bsides.london.2019.pwndefend.com/
2: http://stage1.bsides.london.2019.pwndefend.com/
- Commented out link to Special Offers?
Visiting http://stage1.bsides.london.2019.pwndefend.com/elements.html is a 404 though :thinking_face:
- Base64 encoded phone number is actually a wierd message:
Phone
echo "Um9ndWUgQS5JLiBEZXRlY3RlZC4uLi4uLi4u" | base64 --decode
Rogue A.I. Detected........%
3: http://stage1.bsides.london.2019.pwndefend.com/generic.html
- Commented out BladeRunner Quote
- Encoded "email"
We also have what I assumed was a Cloudflare encoded email, look's like hash of some description
hash-identifier doesn't recognise it :thinking_face:
HASH: 0c65626a634c796278657860696822786068
Not Found.
:man-facepalming: It is a Cloudflare encoded email
<script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script>
info@untitled.tld
Vault is here:
Enterance to the Vault Requires all 3 Flags e.g. xxxxx-xxxxx-xxx-xxxx