Neverlan CTF write up


This is some of the collection of some interesting questions.

    Reverse 300

  1. First, we got two files. I tried to reverse "revseng".
  2. I open it with IDA, I try to analyse it.
  3. I found that the print() function, it is the custom function and it has string declaration inside.
  4. I try to take out all of it in ascending order:flag{w3con7r01th3b1nari3}
  5. The flag make sense and that's the solution.

    My own encoding-200

  1. Just make plain picture as A.
  2. Continue to work. Get the flag, that is "nicejobyouhacker"

    Stupid Cupid-100

  1. Just decode with up to down since from its vertical has no numbers.
  2. Decode one by one until you get the flag.

    Browser bias-150

  1. Use curl to access. The webpage said that only for commodo 64 devide.
  2. I figure out the commodo. It is a 8 bit devide.
  3. I download the contiki os. I find the webbrowser user agent of it and use curl to pass the user agent.
  4. I got the flag:flag{8b1t_w3b}

    Look into the past 250

  1. I download and unzip it.
  2. After figuring the file inside, I found that in home/User has the bash history and contain 3 password. We have to find 3 password in order to fix the solution.
  3. First password, the picture can be fix by the steghide.
  4. Second password, we have to find the password of user.
  5. last password, it is in table.db.
  6. After that, we open the terminal and run openssl enc -aes-256-cbc -salt -d -in flag.txt -out flag.txt.enc -k
  7. We get the flag: