Google CTF: Beginners Quest

I’ll skip the talk for now. Let’s get started on hacking.

Space-Time Coordinates: Misc

I downloaded the attachment and was greeted with two files: log.txt and rand2. Let’s use the file command to find out more about rand2.

I discovered that rand2 is an ELF file. However, due to insufficient permissions, I could not execute it. Running the following command changed the permission of the file.

I executed the file, and this was the result:

I deciphered that by entering the correct combination, I would obtain the flag. However, there are too many combinations to try! Since the flag was in this executable, I used the strings command, and there was a massive output. I was looking for a flag, so I simply added that to the grep command.

Satellite: Networking

I downloaded the attachment, and it contained two files again: READ_ME.pdf and init_sat. I checked the PDF, and it provided the name of the satellite.

I proceeded to check the type of file init_sat was.

ELF again! I tried executing it but did not have sufficient permissions. I fixed that quickly.

Then, I ran the file. It opened to this.

I quickly knew to enter the satellite name found in the picture previously: osmium. The results obtained are as below.

I was provided with a username, an encrypted password and a Google document. I opened the document; it consisted of Satellite Config Data, as shown below.

I determined that it was a base-64 encoded string by observing that the end was padded up by ‘==’. I decoded it.

Then, I fired up Wireshark and started executing init_sat again. I found this while observing the packets obtained.

Next, I copied this with printable text and pasted it on a notepad to get the flag!

Work Computer: Sandbox

I connected with Netcat to the given readme.ctfcompetition.com 1337. Immediately, I realised that it was a shell.

There were two flags available: ORME.flag and README.flag. I failed to open the files with the cat command, so I decided to enumerate the shell more. I looked through the core programs the shell had in the /bin directory.

I looked through the long list (it’s longer than the picture I have inserted), and busybox caught my attention. However, when I used it, an error ‘could not be called’ came about. Other than that, tar seemed interesting. I read up more and tried using it. It worked, and I obtained the flag!

Home Computer: Forensics

The attachment contained two files: family.NTFS and note.txt. The text file does not really aid in finding the flag because it only gives instructions on how we can change the NTFS file type to suit us if we are running macOS. I checked the type of file and discovered that it is most likely a disk image.

I issued a command to mount the family.ntfs to view the files it contained.

This is the content found:

Based on the files, I determined that it is a Windows machine. First, I started enumerating the Users file. There was nothing in the folders, except for Documents and Pictures. A notable mention would be credentials.txt found in the Documents folder. It stated, “I keep pictures of my credentials in extended attributes”. I found out more information based on this.

Then, I wanted to extract the ‘user.FILE0’ file. I issued another command.

From this, I knew that I had found the ‘pictures of the credentials’ as stated in the credentials.txt. To obtain the picture, I directed the results of this command to a file.

The image obtained shows us the flag!
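The same extended-attribute triage can be scripted for a whole mounted image. This is an added example, not the commands used in this writeup; it assumes a Linux host where the mounted image exposes extended attributes through `os.listxattr`/`os.getxattr`, and the function names and the mount path in the sample are hypothetical.

```python
import os

# Well-known file signatures (magic numbers) for common image formats.
MAGIC = {
    b"\x89PNG\r\n\x1a\n": "png",
    b"\xff\xd8\xff": "jpg",
    b"GIF87a": "gif",
    b"GIF89a": "gif",
}


def sniff(blob):
    """Return an extension if blob starts with a known image signature."""
    for magic, ext in MAGIC.items():
        if blob.startswith(magic):
            return ext
    return None


def scan_xattrs(root):
    """Walk root and return (path, attr_name, value) for every extended attribute."""
    found = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                for attr in os.listxattr(path, follow_symlinks=False):
                    value = os.getxattr(path, attr, follow_symlinks=False)
                    found.append((path, attr, value))
            except OSError:
                continue  # no xattr support on this filesystem, or unreadable entry
    return found


def carve(found, out_dir):
    """Write attribute values that look like images to out_dir; return paths written."""
    os.makedirs(out_dir, exist_ok=True)
    written = []
    for i, (path, attr, value) in enumerate(found):
        ext = sniff(value)
        if ext is None:
            continue  # not an image signature we recognise; skip it
        safe = f"{i}_{os.path.basename(path)}_{attr}".replace("/", "_")
        out = os.path.join(out_dir, f"{safe}.{ext}")
        with open(out, "wb") as fh:
            fh.write(value)
        written.append(out)
    return written
```

Calling `carve(scan_xattrs(mount_point), "carved")` writes each image-like attribute value to its own file, named after the file and attribute it came from.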

Government Agriculture Network: Web

The link (https://govagriculture.web.ctfcompetition.com) brings us to a website where we can submit posts.

I submitted a test text, and it brought me to this page.

I checked the Network logs, and it revealed that a POST request had been sent.

From this, I deciphered that the text submitted is posted to the admin. This made me realise that I should perform an XSS attack. I entered a malicious JavaScript that sends the session’s cookie to Request Inspector, which is acting as a webserver.

Here are the results obtained from Request Inspector, and the flag has been found!

FriendSpaceBookPlusAllAccessRedPremium.com: Reversing

This flag was more challenging to obtain. I had to read up more on stack-based Python programs.

This challenge is still in progress…

Google CTF has been a fun challenge, and I learnt a few new tools and commands. I look forward to learning more and participating in more CTFs.

Shoutout to my buddy, Neeranjan, for getting me interested in creating writeups! Check his writeups out if you are interested in CTFs.
