0xL4ugh CTF Write-up
So after a long time, I participated in CTF.
Let’s see how I was able to solve a few challenges.
Misc
1.Sanity check
So let’s go to the Discord page.
Any we find our flag in “TOPIC”
Flag: 0xL4ugh{welc0m3_t0_Our_Firs7_CTF}
Noisy
So let’s download this zip file and see what’s inside of the zip.
So let’s open it with Audacity.
Nothing interesting here so let’s change it to a spectrogram.
So let’s adjust the frequency to view the flag properly.
Flag:0xL4ugh{Sp3c7r0_1s_Gr347}
Gesture
So let’s see what’s inside this zip file.
So let’s first open it with a notepad
Looks like some wired text is inside this file. So I did a google search and I found that this file is used to store pattern lock sequence. So after a few minutes of google search, I found this amazing Github repository. (https://github.com/MGF15/P-Decode)
So we got Pattern and our flag.
Flag:0xL4ugh{75214863}
1990
So let’s open the zip file.
So again I opened it with Audacity but nothing interesting to listen to this wave file and I found that it was a DTMF tone.
with this Website, I was able to decode DTMF tome. (https://unframework.github.io/dtmf-detect/#/)
So now I used “SMS Phone Tap Code Cipher decoder to decode this thing.”
(https://www.dcode.fr/multitap-abc-cipher)
Flag:0xL4ugh{NOTEVERYTHINGONSAMEWAY}
Forensics
Baby Shark
So let’s open a zip file.
So it’s the forensic challenge I opened this file with Wireshark.
And the first thing I did was “Export Objects” and I was able to see many files.
So I opened all the files one by one. Login.php file was interesting
So email is “flag” and password is our flag. So after a few times, I was able to decode it. ( it was base58 string)
Flag: 0xL4ugh{W1R3SH4ARK_I5_N0I53Y}
WEB
Cakes Shop
So let’s open the URL.
So as we can we have one cake shop where we need to buy the flag but our balance is : 0. So I immediately looked into cookie. and able to figure out that if I change the value of the cookie then my balance field is also modified.
Flag:0xL4ugh{baSe_32_Cook!es_ArE_FuNny}
Thank you for reading.
