NahamCON CTF Writeup
The CTF ran from March 12th to 14th, 2021. This repository includes the WARMUP, THE MISSION, RECON and MISC questions and answers.
Stay Away Creepy Crawlers
Please follow the rules for this CTF!
Check out the source code; the flag is in a comment line.
Do you double-knot your shoelaces? You gotta keep’em tied!
Download shoelaces.jpg
I used CyberChef to analyze the file
Was it a car or a cat I saw?
Download esab64 file.
I changed the file extension to txt; the file contains mxWYntnZiVjMxEjY0kDOhZWZ4cjYxIGZwQmY2ATMxEzNlFjNl13X
The question hints at Base64, but when I decoded it, the result ….ÙÙ.XÌÄHØÒ@Î…áÈØÄ..Á .Ø.ÌÄLÍ.XÍ.]× had no meaning. However, the question is spelled half backward.
So I changed it from mxWYntnZiVjMxEjY0kDOhZWZ4cjYxIGZwQmY2ATMxEzNlFjNl13X to X31lNjFlNzExMTA2YmQwZGIxYjc4ZWZhODk0YjExMjViZntnYWxm and then tried to decode it as Base64. The answer looked like _}e61e711106bd0db1b78efa894b1125bf{galf, so I reversed it again.
Chicken Wings
I ordered chicken wings at the local restaurant, but uh… this really isn’t what I was expecting…
Download chicken_wings file.
I changed the file extension to txt; the file contains ♐●♋♑❀♏📁🖮🖲📂♍♏⌛🖰♐🖮📂🖰📂🖰🖰♍📁🗏🖮🖰♌📂♍📁♋🗏♌♎♍🖲♏❝
I researched every single character to understand the typing and found that these are Wingdings.
Then I used the dcode website to solve it.
Download the file below.
Download pollex.jpg
When I downloaded and opened it, I saw that it is a picture of a thumb.
I used CyberChef to analyze the file
There are four different files, and I focused on the ones with the jpg extension.
- extracted_at_0x0.jpg has the same file size, so it is the original file.
- I downloaded both the extracted_at_0x14e.jpg and extracted_at_0x350.jpg files.
- The answer is there.
The Mission
Enter the flag you find on The Mission page to open the gates and unlock challenges for The Mission. Please note, your participation in “The Mission” serves as permission for us to share your e-mail address with our sponsors, for potential career opportunities and private invitations to vulnerability disclosure and bug bounty programs.
After solving this challenge, you may need to refresh the page to see the newly unlocked challenges.
Check out the source code; the flag is in a comment line.
Thank you for taking on The Mission. You can begin by exploring the CONSTELLATIONS public website,
CONSTELLATIONS has “tried” to reduce their attack surface by offering just a static website. But you might find some low-hanging fruit to get you started.
With the flag of this challenge, you should also find a new URL that will assist in the next challenge.
After solving this challenge, you may need to refresh the page to see the newly unlocked challenges.
Check out and the flag is there
User-agent: *
Disallow: /meet-the-team.html
flag{33b5240485dda77430d3de22996297a1} # this flag is for Bionic
This is Stage 1 of Path 2 in The Mission. After solving this challenge, you may need to refresh the page to see the newly unlocked challenges.
Use open-source intelligence to track down information on Hercules.
With the flag of this challenge, you should also find details you can use in later challenges.
We knew that there is a Constellations GitHub repository, and on the People tab there is one person, Gus Rodry.
In Gus’ repository there is no answer for us, but among the followers there is another person, HerculesScox.
I checked Hercules’ repository and here is the answer.
This is Stage 1 of Path 4 in The Mission. After solving this challenge, you may need to refresh the page to see the newly unlocked challenges.
Use open-source intelligence to track down information on Gus.
With the flag of this challenge, you should also find details you can use in later challenges.
I found two people related to Constellations: Gus Rodry and HerculesScox. I checked Gus’ repository and here is the answer.
#NahamCon2021 #awesome #cool #winning! Did you know that the hashtag has another much cooler name, called the “octothorp?”
Perform some online reconnaissance to track down a flag for #NahamCon2021!
I checked Behrouz Sadeghipour’s Twitter account @NahamSec
Merch Store
Check out our Merch Store! A portion of the proceeds go to support Women in CyberSecurity @WiCySorg!
Perform some online reconnaissance to track down a flag on the merch store!
Check out the source code; the flag is in a comment line.
Thanks to HackerOne for helping sponsor NahamCon! Perform some reconnaissance on their online presence and find a flag you can submit for points :)
In the HackerOne Discord channel I searched for the NahamCon keyword.
I used CyberChef to decode the clue Synt{rr907q188039nr543o81sq237o6o6q0o}
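The two decoding steps in this writeup (the reversed Base64 string from the esab64 challenge and the Synt{...} clue above) can be reproduced offline. The Python below is an added example, not part of the original writeup: it searches short chains of reverse, ROT13 and Base64 decoding until a flag-shaped string appears. The helper names (b64_text, peel), the flag pattern and the use of ROT13 for the Synt{...} clue are assumptions of this example; the two inputs are the strings quoted in the writeup.

```python
import base64
import codecs
import re
from collections import deque

# Flag shape assumed from the flags on this page: flag{ + 32 hex digits + }
FLAG_RE = re.compile(r"flag\{[0-9a-f]{32}\}", re.IGNORECASE)

def b64_text(s):
    """Strict Base64 decode; None unless the result is printable ASCII."""
    try:
        raw = base64.b64decode(s + "=" * (-len(s) % 4), validate=True)
        text = raw.decode("ascii")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    return text if text.isprintable() else None

# Candidate layers, tried in this order at every step of the search.
TRANSFORMS = {
    "reverse": lambda s: s[::-1],
    "rot13": lambda s: codecs.decode(s, "rot_13"),
    "base64": b64_text,
}

def peel(ciphertext, max_depth=4):
    """Breadth-first search for the shortest chain of layers that yields a flag.
    Returns (flag, [layer names]) or None. Hypothetical helper for this example."""
    queue, seen = deque([(ciphertext, [])]), {ciphertext}
    while queue:
        text, steps = queue.popleft()
        match = FLAG_RE.search(text)
        if match:
            return match.group(0), steps
        if len(steps) == max_depth:
            continue
        for name, fn in TRANSFORMS.items():
            out = fn(text)
            if out is not None and out not in seen:  # skip garbage and loops
                seen.add(out)
                queue.append((out, steps + [name]))
    return None

if __name__ == "__main__":
    # Inputs are the two strings quoted in the writeup.
    for clue in ("mxWYntnZiVjMxEjY0kDOhZWZ4cjYxIGZwQmY2ATMxEzNlFjNl13X",
                 "Synt{rr907q188039nr543o81sq237o6o6q0o}"):
        print(peel(clue))
```

Decoding the esab64 string directly as Base64 is rejected by b64_text because the bytes are not ASCII, which is the same dead end the writeup hit before reversing the string.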
A Vortex? No… an Abyss.
Click the Start button on the top-right to start this challenge.
#Password is userpass
ssh -p 32140
I ran the command from the question; after plenty of time the flag appeared on the screen.