You can find this challenge here on my Github if you don’t have it. This challenge was a pain and a half to solve. Apparently, the pcap file is from a Time-Based SQL attack, which you can read more about here in this article by sqlinjection.net. When I solved this, I did not know this and literally went off of just the pcap file and trying to understand them. Because of this, I solved it more by luck than anything.
This challenge was interesting. It was essentially a steganography challenge with audio which made it unique in this CTF as there were only a few steg challenges. The challenge is here on my github in case you do not have access to it. The first thing to do is to download the two files and open them in audacity. The next thing I did was reasearch until I stumbled accross this paper (look at page 7) detailing different watermark formats.
This will be a short but sweet writeup. You can find a backup of the challenge here on my GitHub in case you don’t have access to it. The challenge is simply to extract some data from a PDF file. When you open the PDF you are presented with this: Knowing this, it looked like there is just an image or drawing over what we want to see, so I did some research to find a suitable program to disassemble the PDF.
If you look at the timestamps for my submissions during this CTF, you will see that between 12:50 and 7:30, there were no submissions. That is becasue for those six and a half hours I was working on this problem, particularly the last part. Also, I lost my notes for this problem, but never fear, I challenged myself to solve it again to do this writeup. If you do not have the challenge, you can find it here on my GitHub.
Checkmate in 1 This challenge was interesting, because I actually found it relatively easy while my teammates could not figure it out earlier during the competition. Keep in mind that this was probably the last challenge I solved, and I think I solved it around 3:30 - 4:00 AM on Sunday. Anyways enough talk lets get into the challenge. You can find a backup of the challenge here on my Github just in case you don’t have access to it.
Something I stumbled accross the other day was GitHub - foxlet/macOS-Simple-KVM: Tools to set up a quick macOS VM in QEMU, accelerated by KVM. This script makes creating a macOS VM really simple, especially for someone who does not have access to an actual Mac. This script even enables you to install it headless to use with a server or cloud provider so that you can remotely use the VM through VNC or a similar method.