Slime Season 3 (Programming) – 60

Description

I only pay in coins because I’m hipster, but I forgot to bring my nickels today! But I really want to buy this elite gaming computer. What’s the smallest amount of coins you need to make $1,827.43 using quarters, dimes, and pennies.

Solution

Immediately, this rings dynamic programming bells on making change that I learnt in my algorithms class, however as this is american currency, we can simply use greedy instead. 

For the so-called canonical coin systems, like the one used in US and many other countries, a greedy algorithm of picking the largest denomination of coin which is not greater than the remaining amount to be made will produce the optimal result.[2] This is not the case for arbitrary coin systems, though: if the coin denominations were 1, 3 and 4, then to make 6, the greedy algorithm would choose three coins (4,1,1) whereas the optimal solution is two coins (3,3).

Therefore, we don’t need to use programming for this, we can simply just do the calculations by hand. 

7309 quarters + 1 dime + 7 pennies

ABCTF{7315}

 

MoonWalk (Forensics) – 60

Description

There is something a little off about this picture. If you could help us we could give you some points! Just find us a flag!

Solution

There doesn’t appear to be anything ABCTF related using strings, or any sort of “invisible” text after exploring the image in gimp.

We’re going to use the program binwalk to look into the PNG and see if there are any embedded files hiding inside the image. Binwalk will look for the headers of other files and see if they are hiding inside.

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
0             0x0             PNG image, 3200 x 2953, 8-bit/color RGBA, non-interlaced
85            0x55            Zlib compressed data, best compression
2757          0xAC5           Zlib compressed data, best compression
765455        0xBAE0F         JPEG image data, JFIF standard 1.01
765485        0xBAE2D         TIFF image data, big-endian, offset of first image directory: 8
1809691       0x1B9D1B        StuffIt Deluxe Segment (data): f

The JPEG is pretty interesting, at offset 765455, now all we need to do is extract it. We can use another program, foremost, to extract out the file from a given offset.

foremost -v -s 1494 PurpleThing.png

And we have extracted this cool looking image with our flag on it

ABCTF{PNG_SO_COOl}

Java Madness (Reverse Engineering) – 50

Description

Hey if you can get this to pass some tests you could probably have the flag.

Solution

Time for some source code auditing, From the looks of it, and running the code, the program requires 5 arguments and then prints out those arguments in reverse.

java what_the_hack a b c d e 
edcba

We need to make this variable equal to “abctf is the coolest ctf”. So let’s put it in reverse!

java what_the_hack 'ftc' ' tselooc' ' eht' ' si' ' ftcba'
Flag: ABCTF{ftc tselooc eht si ftcba}

Best Ganondorf (Forensics) – 50

Description

You know the deal. Find a flag in this this file?

Solution

After downloading the JPEG, it can’t be opened, apparently the header is corrupted, so let’s use a hex editor and see if we can fix it up. All JPEG images have the following starting bytes: FF D8 FF.

So let’s change the first few bytes and see if that fixes our image. It did and we can see the flag written on a fantastic image of cash money.

abctf{tfw_kage_r3kt_nyway}

Chocolate (Web Exploitation) – 50

Description

If you could become admin you would get a flag. Link

Solution

Looking at the HTTP header for the site, we see a cookie being exchanged.

It has this value.

e2FkbWluOmZhbHNlfQ%3D%3D

Which when decoded from URL format gives us

e2FkbWluOmZhbHNlfQ==

Aha, now doesn’t this just look like base64. Decoding it gives us,

{admin:false}

So, let’s change it to

{admin:true} then re-request the page.

e2FkbWluOnRydWV9 is our new cookie value.

We can use the chrome dev console to change the value of our cookie.

document.cookie="coookie=e2FkbWluOnRydWV9"

Refresh the page and we get our flag

ABCTF{don’t_trust_th3_coooki3}

Archive Me (Reconaissance) – 50

Description

If you could look at our website from a while ago im sure the flag would be there…

Solution

Seems like we need to view abctf.xyz from the past. Using the way back machine, we see there are 2 snapshots taken on the 10th of May 2016, one of which proudly displays the flag right under the main title.

ABCTF{Archives_are_useful!}

Drive Home (Reconaissance) – 50

Description

We found this link scribbled on a piece of paper: document/1_TxYCrk5vIMlUjiB1OioXmR7b-Uq_a9aPIh9JyYlPNs/edit?usp=sharing.
It is broken but we need you to fix it!

Solution

This link looks very similar to a google drive (doc) link, so, looking at existing google doc URLs, we see the only thing missing is a /d/ between document and /1_TxYCr…..

https://docs.google.com/document/d/1_TxYCrk5vIMlUjiB1OioXmR7b-Uq_a9aPIh9JyYlPNs/edit

abctf{g00gle_driv3_1s_my_f4v0r1t3}

The Flash (Web Exploitation) – 35

Description

Can you somehow get the flag from this website?

Solution

This website is very similar to the previous Web Exploitation challenge. Looking inside the source, we see a similar commented out password.

<!-- c3RvcHRoYXRqcw== -->

However, using this password on the input box doesn’t seem to work. The password looks like it is encoded in base64 by the = symbols at the end, as = is used as a padding character. Running through a decoder we get the password.

stopthatjs

Using this, the flag flashes before our eyes before being overwritten by ‘HAHHAHAHA’. But luckily for us we just check the source and see our flag there.

ABCTF{no(d3)_js_is_s3cur3_dasjkhadbkjfbjfdjbfsdajfasdl}

WordPress.com.

Up ↑