Solution: First, we were given a 7zip file. let's download the file and have fun with it.
Observation: It seems like its not a 7zip it's just normal data!!
So let us see the data !!
Hhmmm … That for sure looks like base64 so I decoded it from base64 in cyberchef.
Cyberchef told me its a png and I could confirm it when I saw the PNG header.
I was struggling here a lot. I tried to search this bot and then try to get the flag from Luca. (I was being silly).
Next, I invited Jade to a private server so that I could test it. Then I noticed that the image said something about an eval function. So I thought I would test if an eval existed and Bingo it was there.
So first I started to search for the flag in variables (I mean things like flag and etc…) but I had no luck. So the next thing I did was to search for the locals. I could see something fishy there !!
I wanted to see what the redacted text was, so I tried to return the variables which took a long time but finally, I did it with a little aid from the author. The main area I struggled with was finding the local variable.
So after the CTF, I got a good script that could find the variable containing the flag.
Explanation: We basically iterate through all the variables and see if the string “rtcp{” exists in the string, “rtcp” is our flag format.
Final step: Of course that final step was to return the variable.
There is our flag !! (Note somebody reset the bot so I had to find the variable again :P )
Thanks for reading !!
