Tenable CTF Writeup

Erkan Kılıç
5 min read · Jun 10, 2021


The CTF ran from February 18th to 22nd, 2021.
This writeup covers the WEB, STEGO, CRYPTO and MISC challenges I was able to solve.

WEB

Stay Away Creepy Crawlers

Find the flag where they keep the creepy crawlers away.
http://167.71.246.232/
Alternate: http://167.71.246.232:8080/

To find hidden paths, run dirb against the host:
dirb http://167.71.246.232/
It turns up http://167.71.246.232/robots.txt, which holds the flag.

flag{mr_roboto}

Source of All Evil

Find the flag here:
http://167.71.246.232/
Alternate: http://167.71.246.232:8080/

View the page source; the flag is in an HTML comment.

flag{best_implants_ever}

Can’t Find It

Find the flag here:
http://167.71.246.232/
Alternate: http://167.71.246.232:8080/

The page source references an images subdirectory.

Directory indexing is enabled on http://167.71.246.232/images/, so the server lists everything in that directory.

Inside it, request a path that does not appear in the listing:
http://167.71.246.232/images/flag

flag{404_oh_no}

Show Me What You Got

Find the “indexes” flag here: http://167.71.246.232/
Alternate: http://167.71.246.232:8080/

From the previous challenge we know the images directory listing shows two files.

Reading http://167.71.246.232/images/aljdi3sd.txt gives the flag.

flag{disable_directory_indexes}

Header For You Inspiration

Find the flag here: http://167.71.246.232/
Alternate: http://167.71.246.232:8080/

Proxy the request through Burp Suite and inspect the response headers.

Alternate: open the page in the browser and look at the response headers there.

flag{headersftw}

STEGO

Easy Stego

Can you find the flag?
Download blm1.png

I used the Stereogram Solver to analyze the image.
First, in the Analyze tab I set the Offset value to 1, which produced an RGB output.

Left image is the original file. Right image is the Offset output.

Then I used the Full Red, Full Green and Full Blue options and got three different images.

flag{Bl4ck_liv3S_MATTER}

Hackerman

What’s the flag?
Download silly_hacker.svg

The file extension is SVG.
An SVG (Scalable Vector Graphics) file can be opened in any browser or in an image tool such as Photoshop, Illustrator or GIMP.
I opened it in a browser and searched the file for the keyword flag.

flag{m1cr0dot}

Secret Images

We discovered Arasaka operatives sending weird pictures to each other. It looks like they may contain secret data. Can you find it?
Download crypted1.png and crypted2.png

Left image is the crypted1 image. Right image is the crypted2 image.

The two images look the same, so I used the Image Combiner in the Analyze tab of Stereogram Solver with the XOR option.
XOR-ing two images that were encrypted with the same one-time pad cancels the pad and leaves the XOR of the two plaintexts, which is why the hidden data becomes visible.

flag{otp_reuse_fail}
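
Why the XOR combination works, as an added example that is not part of the original writeup: two constructed "images" (rows of pixel bytes, not real PNGs) are encrypted with the same pad and the ciphertexts are XOR-ed the way the Image Combiner does per pixel. All names and sample values are my own.

```python
WIDTH, HEIGHT = 8, 4          # constructed image size in pixels, kept tiny on purpose
BACKGROUND = 0x80             # flat grey background shared by both images


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR, which is what the Image Combiner's XOR option does per pixel."""
    if len(a) != len(b):
        raise ValueError("buffers must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def build_images():
    """Constructed sample data: a flat background and a copy with a message row drawn in."""
    plain_a = bytes([BACKGROUND] * (WIDTH * HEIGHT))
    plain_b = bytearray(plain_a)
    plain_b[WIDTH:2 * WIDTH] = b"SECRET!!"[:WIDTH]      # row 1 carries the hidden data
    return plain_a, bytes(plain_b)


def demo():
    """Encrypt both images with one pad, then combine the ciphertexts with XOR."""
    plain_a, plain_b = build_images()
    # Constructed pad, fixed so the demo is repeatable; a real pad would be random bytes.
    pad = bytes((37 * i + 11) & 0xFF for i in range(WIDTH * HEIGHT))
    cipher_a, cipher_b = xor_bytes(plain_a, pad), xor_bytes(plain_b, pad)
    # Same pad on both sides: (a ^ k) ^ (b ^ k) = a ^ b, the key drops out entirely.
    combined = xor_bytes(cipher_a, cipher_b)
    pad_cancelled = combined == xor_bytes(plain_a, plain_b)
    # Pixels where the plaintexts agree XOR to 0, so the message region stands out.
    changed = [i for i, v in enumerate(combined) if v]
    # With a known flat background the message bytes themselves come back.
    recovered = bytes(v ^ BACKGROUND for v in combined[WIDTH:2 * WIDTH])
    return pad_cancelled, changed, recovered


if __name__ == "__main__":
    cancelled, where, message = demo()
    print("pad cancelled:", cancelled, "| changed pixels:", where, "| recovered:", message)
```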

CRYPTO

Easy Peasy

Find the flag here:
NzMgNzkgNmUgNzQgN2IgNzAgNjIgNjEgNzQgNjUgNmUgNjcgNjYgNWYgNmMgNjIgNjggNWYgNzQgNjIgNjcgNWYgN2EgNzIgN2Q=

I used CyberChef to decode it.

  1. From Base64 to Hex
    73 79 6e 74 7b 70 62 61 74 65 6e 67 66 5f 6c 62 68 5f 74 62 67 5f 7a 72 7d
  2. From Hex to Text
    synt{pbatengf_lbh_tbg_zr}
  3. ROT 13

flag{congrats_you_got_me}
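
The same three steps carried out in code, as an added example that is not part of the original writeup; it uses only the Python standard library and returns each intermediate layer so it can be compared with the CyberChef output above. The function name is mine.

```python
import base64
import codecs

# Challenge text, copied from the writeup above.
EASY_PEASY = "NzMgNzkgNmUgNzQgN2IgNzAgNjIgNjEgNzQgNjUgNmUgNjcgNjYgNWYgNmMgNjIgNjggNWYgNzQgNjIgNjcgNWYgN2EgNzIgN2Q="


def peel_layers(blob: str) -> dict:
    """Undo the three layers in the order the writeup identified them and
    return every intermediate result so each step can be checked."""
    # Layer 1: Base64 (the trailing '=' padding and restricted alphabet are the tell).
    hex_text = base64.b64decode(blob, validate=True).decode("ascii")
    # Layer 2: space-separated hex byte pairs; bytes.fromhex() ignores the spaces.
    rotated = bytes.fromhex(hex_text).decode("ascii")
    # Layer 3: ROT13. "synt{" is "flag{" shifted by 13, which gives it away.
    flag = codecs.decode(rotated, "rot_13")
    return {"hex": hex_text, "rot13": rotated, "flag": flag}


if __name__ == "__main__":
    for name, value in peel_layers(EASY_PEASY).items():
        print(f"{name:>5}: {value}")
```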

MISC

Esoteric

Find the flag here:

--[----->+<]>.++++++.-----------.++++++.[----->+<]>.----.---.+++[->+++<]>+.-------.++++++++++.++++++++++.++[->+++<]>.+++.[--->+<]>----.+++[->+++<]>++.++++++++.+++++.--------.-[--->+<]>--.+[->+++<]>+.++++++++.>--[-->+++<]>.

To work out what this code is, I did quite a bit of research.

  1. I searched for “What is esoteric”, “Esoteric cryptography” and “Esoteric coding”.
  2. I found a clue while researching “Esoteric coding”.
  3. Esoteric coding is “An esoteric programming language is a programming language designed to test the boundaries of computer programming language design, as a proof of concept, as software art, as a hacking interface to another language, or as a joke.”.
  4. And then I found the answer: this code is Brainfuck.
  5. Brainfuck is “an esoteric programming language created in 1993 by Urban Müller. Notable for its extreme minimalism, the language consists of only eight simple commands and an instruction pointer. While it is fully Turing complete, it is not intended for practical use, but to challenge and amuse programmers.”.
  6. The remaining problem was that I did not know how to run it, until I found this website.

flag{wtf_is_brainfuck}
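
A small Brainfuck interpreter, added here as an example that is not part of the original writeup, so the program above can be run offline instead of through a website. The eight commands and unsigned 8-bit wrapping cells are the standard semantics; the function names are mine.

```python
# The challenge program, copied verbatim from the writeup above.
ESOTERIC_PROGRAM = "--[----->+<]>.++++++.-----------.++++++.[----->+<]>.----.---.+++[->+++<]>+.-------.++++++++++.++++++++++.++[->+++<]>.+++.[--->+<]>----.+++[->+++<]>++.++++++++.+++++.--------.-[--->+<]>--.+[->+++<]>+.++++++++.>--[-->+++<]>."


def match_brackets(program: str) -> dict:
    """Map every '[' to its matching ']' and back so loops can jump in O(1)."""
    jumps, stack = {}, []
    for pos, op in enumerate(program):
        if op == "[":
            stack.append(pos)
        elif op == "]":
            if not stack:
                raise ValueError(f"unmatched ']' at offset {pos}")
            start = stack.pop()
            jumps[start], jumps[pos] = pos, start
    if stack:
        raise ValueError(f"unmatched '[' at offset {stack[-1]}")
    return jumps


def run_brainfuck(program: str, stdin: bytes = b"", tape_size: int = 30000) -> str:
    """Run `program` and return its output. Cells are 8-bit and wrap around, which
    this program relies on (its first loop counts a cell from 254 down in steps of 5)."""
    jumps = match_brackets(program)
    tape, ptr, pc, out = [0] * tape_size, 0, 0, bytearray()
    stdin_iter = iter(stdin)
    while pc < len(program):
        op = program[pc]
        if op == ">":
            ptr += 1
        elif op == "<":
            ptr -= 1
        elif op == "+":
            tape[ptr] = (tape[ptr] + 1) & 0xFF
        elif op == "-":
            tape[ptr] = (tape[ptr] - 1) & 0xFF
        elif op == ".":
            out.append(tape[ptr])
        elif op == ",":
            tape[ptr] = next(stdin_iter, 0)  # EOF reads as 0
        elif op == "[" and tape[ptr] == 0:
            pc = jumps[pc]  # cell is zero: skip the loop body
        elif op == "]" and tape[ptr] != 0:
            pc = jumps[pc]  # cell non-zero: back to the loop start
        if not 0 <= ptr < tape_size:
            raise IndexError("tape pointer left the tape")
        pc += 1
    return out.decode("latin-1")
```

Calling run_brainfuck(ESOTERIC_PROGRAM) prints the challenge flag; any other program in the same eight-command dialect runs the same way.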

Reggie McRegex

Find the flag in the attached file containing a haystack. Not including the quotes, the flag will be in the format of “flag{here_is_a_flag}”. The text between the curly braces can consist of lowercase characters and underscores and be a maximum length of 16. You’ll know it when you see it.
Download haystack.txt

I opened the file in LibreOffice: 1555 pages, 726 words and 7,257,622 characters, so reading through it was not an option.
We have three clues from the question:

  1. The answer must start with “flag{”.
  2. The text between the curly braces must be 16 characters long.
  3. The answer must end with “}”.

First, I ran grep -o -e '.....................}\b' haystack.txt > haystackv1.txt to pull out every 22-character string ending in "}".
Each dot stands for one character: the 21 dots cover "flag{" and the 16 characters inside the braces, and the final "}" closes the flag.
Then I ran grep -o -e '\bflag{.................' haystackv1.txt to keep only the candidates that start with "flag{".
Here the 17 dots cover the 16 characters inside the braces plus the closing "}".

flag{thy_flag_is_this}
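
The same search in Python, as an added example that is not part of the writeup, run over a small constructed haystack (not the real haystack.txt) seeded with decoys. It contrasts the length-only filter the two grep passes implement with a pattern that encodes all three clues from the challenge text (lowercase letters and underscores, at most 16 of them); the names are mine.

```python
import re

# Constructed stand-in for haystack.txt: the real flag surrounded by decoys.
HAYSTACK = (
    "lorem flag{THIS_ONE_IS_LOUD} ipsum flag{this_one_is_far_too_long_to_count} "
    "dolor flag{has-hyphens} sit flag{thy_flag_is_this} amet flag{123_digits} "
    "consectetur flag{short} adipiscing flag{has space} elit"
)

# Length only: 'flag{', any 16 characters, '}' -- what the two grep passes above keep.
BY_LENGTH = re.compile(r"flag\{.{16}\}")
# Full specification: 'flag{', 1 to 16 lowercase letters or underscores, '}'.
BY_SPEC = re.compile(r"flag\{[a-z_]{1,16}\}")


def candidates_by_length(text: str) -> list:
    """Every 22-character flag{...} string; an uppercase decoy of the right length slips through."""
    return BY_LENGTH.findall(text)


def candidates_by_spec(text: str) -> list:
    """Only strings that satisfy every constraint stated in the challenge."""
    return BY_SPEC.findall(text)


def scan_file(path: str) -> list:
    """Stream a large file line by line so a 7 MB haystack is never held as one string."""
    hits = []
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        for line in fh:
            hits.extend(BY_SPEC.findall(line))
    return hits


if __name__ == "__main__":
    print("by length:", candidates_by_length(HAYSTACK))
    print("by spec:  ", candidates_by_spec(HAYSTACK))
```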

Quit Messing With My Flags

This flag had an accident. What’s it really supposed to be?
flag{161EBD7D45089B3446EE4E0D86DBCF92}

I pasted the value into Google Search; it is an MD5 hash, and a lookup gives the original text.

flag{P@ssw0rd}

Find The Encoding

DeZmqMUkDJceycJHJPzZet

I used CyberChef to work out the encoding: it is Base58.

flag{not_base64}
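
Base58 decode and encode written out, as an added example that is not part of the writeup, together with a quick alphabet test of the kind CyberChef's magic performs: Base58 drops 0, O, I and l and has no +, / or = padding, so a string containing any of those cannot be Base58. The alphabet is Bitcoin's, which CyberChef uses by default; the function names are mine.

```python
# Bitcoin's Base58 alphabet (CyberChef's default): no 0, O, I, l, +, / or =.
BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
BASE64_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
# Challenge text, copied from the writeup above.
FIND_THE_ENCODING = "DeZmqMUkDJceycJHJPzZet"


def possible_encodings(text: str) -> list:
    """Cheap first filter: which alphabets could have produced `text`?"""
    alphabets = {
        "hex": set("0123456789abcdefABCDEF"),
        "base58": set(BASE58_ALPHABET),
        "base64": set(BASE64_ALPHABET),
    }
    return [name for name, chars in alphabets.items() if set(text) <= chars]


def base58_decode(text: str) -> bytes:
    """Base58 is plain base conversion; each leading '1' stands for one zero byte."""
    value = 0
    for ch in text:
        digit = BASE58_ALPHABET.find(ch)
        if digit < 0:
            raise ValueError(f"{ch!r} is not a Base58 digit")
        value = value * 58 + digit
    leading_zeros = len(text) - len(text.lstrip("1"))
    body = value.to_bytes((value.bit_length() + 7) // 8, "big")
    return b"\x00" * leading_zeros + body


def base58_encode(data: bytes) -> str:
    """Inverse of base58_decode, used here to confirm the round trip."""
    leading_zeros = len(data) - len(data.lstrip(b"\x00"))
    value, digits = int.from_bytes(data, "big"), []
    while value:
        value, rem = divmod(value, 58)
        digits.append(BASE58_ALPHABET[rem])
    return "1" * leading_zeros + "".join(reversed(digits))


if __name__ == "__main__":
    print("could be:", possible_encodings(FIND_THE_ENCODING))
    print("base58  :", base58_decode(FIND_THE_ENCODING))
```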
