Write-Up Advent of CTF 2020 Challenge 8

Overview

The NOVI University of Applied Sciences is offering an Advent CTF challenge for December 2020. The CTF was created by Arjen Wiersma, a member of the Hackdewereld.nl community and Chief Lecturer for Cyber Security at NOVI University. If you want to participate in these CTF challenges, you can create an account on the website https://www.adventofctf.com/.

Challenge 8

  • Description: If only you could figure out where to go.
  • 800 Points

Let’s start with this challenge! I visited the challenge URL https://08.adventofctf.com/ and ended up on the webpage below. This webpage contains the message: “Did you know that the fastest robot can solve rubiks cube in 0.887 sedconds?” No, I wasn’t aware of that. Learned something today…

[Image: advent-of-ctf-challenge-8-robots]

The message is talking about a robot. When a webpage in a CTF talks about a robot, it is pointing at robots.txt. Let’s check the robots.txt. This is a plain text file that consists of one or more rules. Each rule blocks or allows access for a given crawler to a specific directory or file path on your website. The file is only a request to crawlers, though: a human can read it just as well and can directly request the file paths defined in the rules.

Let’s check this file with a curl request.

~$ curl https://08.adventofctf.com/robots.txt
# robots.txt generated by smallseotools.com
User-agent: *
Disallow: /
Disallow: /cgi-bin/

Disallow: /encryption/is/a/right
Disallow: /fnagn/unf/znal/cynprf/gb/tb

Let’s check the first of the two unusual Disallow rules, https://08.adventofctf.com/encryption/is/a/right. This page contains a Base64 encoded string.

[Image: advent-of-ctf-challenge-8-base64]

Let’s decode this string.

~$ echo "RW5jb2RpbmcgYW5kIGVuY3J5cHRpb24gYXJlIDIgZGlmZmVyZW50IHRoaW5ncy4=" | base64 -d
Encoding and encryption are 2 different things.

Yep, that’s true. Encryption is part of cryptography and is usually based on a secret key; only with that secret key can the message be decrypted back to the original message. An encoding such as Base64 needs no key at all, so anyone can reverse it.

[Image: advent-of-ctf-challenge-8-rot13-encrypted-url]

Ok, let’s analyze the second path from robots.txt, /fnagn/unf/znal/cynprf/gb/tb. This path is in some strange format. After passing it to CyberChef, it turns out to be encoded with ROT13. ROT13 is a simple letter substitution cipher that replaces each letter with the 13th letter after it in the alphabet. The path hides the message: /santa/has/many/places/to/go.

[Image: advent-of-ctf-challenge-8-rot13-decryption]

After replacing the ROT13-encoded path in the URL with the decoded file path, we get the flag NOVI{you_have_br@1ns_in_your_head}.

[Image: advent-of-ctf-challenge-8-flag]
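
The ROT13 identification done with CyberChef above can be automated when auditing what a robots.txt gives away. The following is an added example, not code from the original write-up or from the CTF: it parses the robots.txt shown earlier and tries every Caesar rotation (a generalization of ROT13) on each Disallow path, keeping the rotation with the most dictionary words. The word list and all function names are assumptions made for this illustration.

```python
import string

# robots.txt body copied from the curl output above.
ROBOTS_TXT = """\
# robots.txt generated by smallseotools.com
User-agent: *
Disallow: /
Disallow: /cgi-bin/

Disallow: /encryption/is/a/right
Disallow: /fnagn/unf/znal/cynprf/gb/tb
"""

# Constructed word list (assumption); a real audit would load a full dictionary.
WORDS = {"a", "is", "to", "go", "the", "has", "many", "right", "santa",
         "places", "encryption", "cgi", "bin"}

def disallowed_paths(robots_txt):
    """Return the non-empty Disallow values in file order, skipping comments."""
    paths = []
    for line in robots_txt.splitlines():
        field, _, value = line.split("#", 1)[0].partition(":")
        if field.strip().lower() == "disallow" and value.strip():
            paths.append(value.strip())
    return paths

def caesar(text, shift):
    """Rotate ASCII letters by `shift`; '/', digits and punctuation are untouched."""
    lo, up = string.ascii_lowercase, string.ascii_uppercase
    rotated = lo[shift:] + lo[:shift] + up[shift:] + up[:shift]
    return text.translate(str.maketrans(lo + up, rotated))

def score(path):
    """Count path segments (split on '/' and '-') found in the word list."""
    return sum(seg in WORDS for seg in path.lower().replace("-", "/").split("/"))

def best_shift(path):
    """Return (shift, decoded) with the most known words; ties prefer the lowest shift."""
    candidates = ((s, caesar(path, s)) for s in range(26))
    return max(candidates, key=lambda c: (score(c[1]), -c[0]))

def audit(robots_txt):
    """Map each Disallow path to (shift, decoded); shift 0 means it was plaintext."""
    return {p: best_shift(p) for p in disallowed_paths(robots_txt)}

if __name__ == "__main__":
    for path, (shift, decoded) in audit(ROBOTS_TXT).items():
        print(f"{path!r}: shift={shift} -> {decoded!r}")
```

Any path that scores best at a non-zero shift was only obscured, not protected: access control on the server is what keeps a path private, whatever robots.txt says.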

Thanks for reading!

This post is licensed under CC BY 4.0 by the author.