This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var hexToAscii = function(input){ | |
var hex = input.toString(); | |
var str = ''; | |
for (var i = 0; i < hex.length; i += 2) | |
str += String.fromCharCode(parseInt(hex.substr(i, 2), 16)); | |
return str; | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
``` | |
Create removed.txt file | |
5F 39 | |
33 5F | |
F8 99 | |
53 34 | |
F8 83 | |
9A F7 | |
DD EE | |
5C 6F |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
emoji hunt: | |
flag{emojis_more_like_free_cloud_storage} | |
step 1. Copy all images https://squarectf.slack.com/customize/emoji?utm_source=in-prod&utm_medium=inprod-customize_link-slack_menu-click | |
step 2. follow https://gist.github.com/tobek/a17fa9101d7e28ddad26 | |
step 3. use tab save and download all images | |
step 4. and you get the flag exiftool . | grep -i "fl " | |
Fl 1 : ag | |
Fl 1 : ag | |
Fl 7 : re | |
Fl 7 : re |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
By connecting to the server we see that it requires one or more inputs, when the input is something like 1 then 1. We encounter a door which requires a password. Now we can look at the binary file. | |
I used Ghidra to decompile the file at first, then only later used IDA. First, by looking at the strings we can see some strings that we saw on the server output. I traced them back and found this method. | |
https://imgur.com/AijEsVe | |
It is interesting that the function call has an unusual name “fnv_1a_32”. If we search this on google the first search is a wikipedia page “Fowler–Noll–Vo hash function”. | |
https://imgur.com/NYkjCRm |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# -*- coding: utf-8 -*- | |
# Brute-force string generation | |
# Copyright (C) 2011 Radek Pazdera | |
# This program is free software: you can redistribute it and/or modify | |
# it under the terms of the GNU General Public License as published by | |
# the Free Software Foundation, either version 3 of the License, or | |
# (at your option) any later version. |