From 95ff12d5c63ec54b28c05d59eece60ad7270e3fa Mon Sep 17 00:00:00 2001 From: Matthias Prader Date: Sat, 18 Jan 2020 09:37:51 +0000 Subject: [PATCH] Update ctfzone19.md --- writeups/matthias/ctfzone19.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/writeups/matthias/ctfzone19.md b/writeups/matthias/ctfzone19.md index 5850e75..a9187a6 100644 --- a/writeups/matthias/ctfzone19.md +++ b/writeups/matthias/ctfzone19.md @@ -2,7 +2,7 @@ --- I don't know exactly why but I didn't really warm up to the challenges in this CTF. It was the first time I saw challenges like OSINT/Forensics and decided to take a look at them. I spend about 15 hours for this CTF. -## misc/osint: Memology (solved) +##misc/osint: Memology (solved) --- The challenge description was: ```text @@ -12,7 +12,7 @@ I started, obviously, by searching that "TheBestAccountOnTheInternet". After a w The account had uploaded 9 memes, each something about related to computersience, and with an image description of the form `#AnswerX is the ...` with `X` being a number between 1 and 9 and `...`being something related to the meme like `middle name of the person in the meme`. Five of those answers could be found in a comment, that either the account "TheBestAccountOnTheInternet" or a friend of the person behind this account had posted under an image of the Instagram profile of the real person behind the meme (once it was a fanpage of the person behind the meme). -As in the first image posted was linked another meme account, I assume this account as the friend. It turned out to be right. +As in the first image posted was linked another meme account, I assumed that account as the friend. It turned out to be right. So after a lot of googling and scrolling trough comments I found the five answers. One Answer was located on the Wikipedia page of the meme character. I found it in the edit history. @@ -24,10 +24,10 @@ The meme with the description that says, that the answer is the middle name of t Until now, every picture used in the memes was quiete popular and therefore it was fairly easy to find information about it. But the last one wasn't. I had to find the YouTube channel of the person on the meme. After a lot of searching (I found the same meme again on twitter, also the same image used in a different meme), I came across the Yandex search engine, which does also a reverse image search. The search found an article, which contains the original image used in the meme. The article has also linked the YouTube video from which the image was taken. -So I had all 9 answers. The Instagram Story of TheBestAccountOnTheInternet contained the information hot to generate the flag out of the answers: all answers in lowercase, "ctfzone{answer1, answer2, ..., answer9}". +So I had all 9 answers. The Instagram Story of TheBestAccountOnTheInternet contained the information how to generate the flag out of the answers: all answers in lowercase, "ctfzone{answer1, answer2, ..., answer9}". Which is the following: ctfzone{hayes_48_funh0liday_r3ady_awesome777_smi1e_best3000_be1la_mclaurin} -## osint/forensics: Honey is sweet but bees sting (not solved) +##osint/forensics: Honey is sweet but bees sting (not solved) --- ```text Your tool is really awesome, and plugins you recommended to me were very helpfull, I appreciate your help. Can you please check this network dump? Help me to catch him! @@ -46,7 +46,7 @@ C= Client 185.100.87.206, S = Server 213.159.215.210 [C] mysql login request user root [S] responds ok [C] query: select @@version_comment limit 1 -[S] responds with some lind of payload that contains "/etc/passwd" +[S] responds with some kind of payload that contains "/etc/passwd" [C] sends the content of /etc/passwd [S] responds ok [C] query: show databases -- 2.43.0