root💀bl4ck4non-sec:~#

Hack. Eat. Sleep. Repeat!!!


Challenges Solved

Misc

OSint

Forensics

Blockchain

Misc

Sanity Check


image

Checking the announcement channel on the Discord server should get you the flag.

image

FLAG:-n00bz{w3lc0m3_t0_n00bzCTF2024!}


Osint

Tail


image

Checking the image

image

We have this, so the task is to find the airline’s hub (the airport where they mostly operate from). Use the three letter airport IATA code and wrap it in n00bz{}.

Doing a reverse image search

image

I didn’t find anything interesting, so I just did this instead

image

Yup😂, so I found the airplane’s hub to be Air Tahiti Nui; the next thing now is to find the IATA code

image

That’s the IATA code

FLAG:-n00bz{PPT}


Forensics

Plane


image

Download the file to your machine

image

Checking the content of the image

image

The task is to get the latitude, longitude of the place this picture is taken from, rounded up to two decimal places.

Let's use exiftool on this image

image

Using this online calculator I was able to solve this challenge

image

We got our flag

FLAG:-n00bz{13.37,-13.37}


Wave


image

Download the file to your machine

image

We have a wav file but as you can see from the above screenshot, it’s not showing that. This can only mean one thing (the file signature has been messed with)

Let's use hexeditor to check the file signature

command: `hexeditor chall.wav`

image

Yup, it has been messed with.

Let's get the correct file signature

I downloaded a wav sample online

image

Then I checked the magic bytes using hexeditor

command: `hexeditor (filename)`

image

Niceeeeeeeee, now let's correct our `chall.wav` file

image

ctrl + x to save

Running the file command again

image

Niceeeeeeeeeee, playing the wav file I found it to be Morse code. To solve the challenge we can use a Morse decoder

Let's use this

image

We found our flag

FLAG:-n00bz{BEEPBOPMORSECODE}
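
The signature check and fix from the Wave challenge can also be scripted. The Python below is an added example, not part of the original writeup: it builds its own small WAV and overwrites the `RIFF` and `WAVE` magic values with placeholder bytes (constructed, since the challenge file's actual corrupted bytes are not shown on this page), then reports and repairs the header fields.

```python
import io
import struct
import wave

def make_sample_wav() -> bytes:
    """Constructed sample: 80 frames of silence, 8 kHz mono 16-bit PCM."""
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(1)
        w.setsampwidth(2)
        w.setframerate(8000)
        w.writeframes(b"\x00\x00" * 80)
    return buf.getvalue()

def corrupt(data: bytes) -> bytes:
    """Overwrite both magic values with constructed placeholder bytes."""
    return b"XXXX" + data[4:8] + b"YYYY" + data[12:]

def diagnose(data: bytes) -> list:
    """List the RIFF/WAVE header fields that do not match the format."""
    if len(data) < 12:
        return ["file shorter than the 12-byte RIFF header"]
    problems = []
    if data[0:4] != b"RIFF":
        problems.append(f"offset 0: expected b'RIFF', found {data[0:4]!r}")
    (size,) = struct.unpack("<I", data[4:8])
    if size != len(data) - 8:
        problems.append(f"offset 4: size {size}, expected {len(data) - 8}")
    if data[8:12] != b"WAVE":
        problems.append(f"offset 8: expected b'WAVE', found {data[8:12]!r}")
    return problems

def repair(data: bytes) -> bytes:
    """Rewrite the container ID, size field and form type."""
    fixed = bytearray(data)
    fixed[0:4] = b"RIFF"
    fixed[4:8] = struct.pack("<I", len(data) - 8)  # little-endian chunk size
    fixed[8:12] = b"WAVE"
    return bytes(fixed)

if __name__ == "__main__":
    broken = corrupt(make_sample_wav())
    for line in diagnose(broken):
        print(line)
    with wave.open(io.BytesIO(repair(broken)), "rb") as w:
        print("repaired:", w.getnframes(), "frames at", w.getframerate(), "Hz")
```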


Disk Golf


image

Download the file to your machine and extract

image

I love disk challs hehe, this one was quite easy though (easier than sanity check hehe💀)

For some unknown reasons I couldn’t mount this using the mount command, so I used Autopsy instead

We’ve successfully mounted the disk image

Now, to get the flag just search for “flag.txt” (ezzzz right??)

image

Checking the content

image

This looks like ASCII code, let's decode

image

FLAG:- n00bz{7h3_l0ng_4w41t3d_d15k_f0r3ns1c5}


Blockchain

EVM - The Basics


image

The task is to find the value, in hex, that you need to send to make the contract STOP and not self destruct.

We were given a txt file, checking the contents of the file

image

This is EVM bytecode, so we can use an online bytecode decompiler to decompile it

Let's use this

image image

This is a code snippet written in EVM (Ethereum Virtual Machine) bytecode. Specifically, it appears to be a smart contract written in a low-level, assembly-like language used for Ethereum smart contracts.

I actually can’t read this so I had to look for another decompiler

I found this

image image

Finally, a code I can read

function function_selector() public payable { 
    assert(0xfdc29ff358a3 != 4919 * msg.value);
    selfdestruct(0);
}

Before I explain this, let's convert that hex value to decimal hehe

function function_selector() public payable { 
    assert(279012349008035 != 4919 * msg.value);
    selfdestruct(0);
}

Now I can explain what this piece of code does

1. Receives Ether: The function can accept Ether when called due to the payable keyword.

2. Assertion Check: It checks if the product of 4919 and the amount of Ether sent (msg.value) does not equal 279012349008035. If this condition is false, the transaction reverts.

3. Self-Destruct: If the assertion passes, the contract self-destructs and sends all its remaining Ether to the zero address (0), effectively burning the Ether.

Let me break it down further, the contract stops if

279012349008035 == 4919 * msg.value

This is more of a maths issue lool, to get the msg.value we can just do this

msg.value == 279012349008035/4919

Let's get the value

image

Niceeee, let's convert that to hex using this

image

We found our flag already😎

FLAG:-n00bz{0xd34db33f5}


EVM - Conditions


image

A similar task, let's check the content of the txt file we were given

image

Let's decompile with this

image image

I’m not reading this😂

image

Yup, this is better

function function_selector() public payable { 
    assert(6750 + msg.value != 0xdb15fe);
    selfdestruct(0);
}

Just as I did in the last challenge, I’ll be converting the hex to decimal

function function_selector() public payable { 
    assert(6750 + msg.value != 14358014);
    selfdestruct(0);
}

Now, let me explain what this piece of code does

1. Function: function_selector can receive Ether (payable) and is publicly accessible (public).

2. Assertion Check: It checks if 6750 + msg.value is not equal to 14358014. If they are equal, the assertion fails, and the transaction reverts.

3. Selfdestruct: If the assertion passes (meaning 6750 + msg.value is not equal to 14358014), the contract self-destructs and sends all its remaining Ether to the zero address (0), effectively burning the Ether.

Let me break it down further, the contract stops if

6750 + msg.value == 14358014

So, to get our msg.value we can do this

msg.value == 14358014 - 6750

Let's calculate this

image

Now, we can convert 14351264 to hex using this

image

Yup, that’s our flag

FLAG:-n00bz{0xdafba0}
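
Both EVM challenges reduce to solving one equation for msg.value, so the Python below (an added example, not part of the original writeup) solves them the way the EVM evaluates them. It goes beyond the plain division and subtraction used above by assuming the bytecode uses raw ADD/MUL opcodes, which wrap modulo 2**256; the function names are made up for this example.

```python
from math import gcd

WORD = 2**256  # EVM stack words are 256-bit; ADD and MUL wrap modulo 2**256

def solve_add(a: int, target: int) -> int:
    """msg.value v such that (a + v) % 2**256 == target."""
    return (target - a) % WORD

def solve_mul(k: int, target: int):
    """Smallest v with (k * v) % 2**256 == target, or None if none exists."""
    if not 0 < k < WORD:
        raise ValueError("multiplier must be a non-zero 256-bit value")
    g = gcd(k, WORD)            # a power of two; 1 when k is odd
    if target % g:
        return None             # e.g. even multiplier, odd target
    m = WORD // g
    return (target // g) * pow(k // g, -1, m) % m

def contract_stops(op: str, const: int, target: int, value: int) -> bool:
    """Model of the decompiled check: True when both sides are equal,
    the case the writeup solves for (contract stops, no selfdestruct)."""
    lhs = const * value if op == "mul" else const + value
    return lhs % WORD == target

if __name__ == "__main__":
    basics = solve_mul(4919, 0xFDC29FF358A3)       # EVM - The Basics
    conditions = solve_add(6750, 0xDB15FE)         # EVM - Conditions
    assert contract_stops("mul", 4919, 0xFDC29FF358A3, basics)
    assert contract_stops("add", 6750, 0xDB15FE, conditions)
    print(hex(basics), hex(conditions))
```

Because 4919 is odd it has an inverse modulo 2**256, so the multiplication case has exactly one solution per target; an even multiplier can have none or several.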


You can check out sensei’s writeup here

Till Next Time :xD
