RSS
 

HACKvent 2015: Day 1

09 Dec 2015
CTF: Hackvent 2015
Link to challenge: http://hackvent.hacking-lab.com
Date Completed: 09 December 2015

Challenge

Solution

I decode the string above using a Vigenere Cipher solver with the key ‘geek‘ (deduced from frequency analysis).

The message I get is:

The message is pretty clear. First spot I check as a webmaster is /robots.txt (psss go check my websites robots.txt :p). I find 1 disallowed resource which is: /MeMyselfAndI-surfingInTheSky/hacker.jpg

I visit this webpage in my browser and find the picture Santa was hiding, here it is:
Santas Hidden Picture

Following Santa’s clues, I use Google reverse image search to find other images like this on the web.
I find one website with a similar image, namely at: http://hacking-lab.club/

This is what the webpage looks like:
Hacking-Lab Club Webpage

Drat! We are too late, luckily cache is a thing.
You can either check WayBackMachine or Google cache to find a previous state for the webpage.
We inspect the source of the website in Google cache and discover a reference to: /work.jpg
Unfortunately that image is not on the live website but work.png was! (Finding this was just guesswork based on the format of the ‘too late’ Christmas ball).

This is what work.png looks like:

Day 1 Solution QR Code

We scan it to get our flag:  HV15-Tz9K-4JIJ-EowK-oXP1-NUYL

 
No Comments

Posted in Hackvent 2015

 

Leave a Reply