Write-Up Advent of CTF 2020 Challenge 0
Overview
The NOVI University Of Applied Sciences is offering an Advent CTF challenge for December 2020.
The CTF is created by our community member of the Hackdewereld.nl and Chief Lecturer for Cyber Security at the NOVI University, Arjen Wiersma. If you want to participate in these CTF challenges, you can create an account on the website https://www.adventofctf.com
.
Challenge 0
- Description: Do you remember the flag in the teaser website?
- 1 Point
First, I wasn’t aware that there was a teaser page. But, after some searching, I came to the conclusion that there is no other website than https://www.adventofctf.com/, related to this CTF. So, I visited the Wayback Machine to determine if there was a flag posted on this website in the past.
At this moment, there is only one snapshot saved of the website from 12 November 2020. So, I used this date to check the website. And, there was indeed a teaser website.
I checked the source code of this website, and I found a base64 encoded string.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
<!--
<form action="/index.php" method="POST">
<div class="form-group">
<label for="flag">Flag</label>
<input type="text" class="form-control" id="flag" name="flag" placeholder="Enter the flag">
</div>
<button type="submit" class="btn btn-warning">Submit</button>
</form>
-->
</div>
</div>
<!-- Ceasar worked on this you know. Tk9WSXtIRVlfMVNfVGgxU19AX0ZsYTk/fQ== -->
<div class="row">
<div class="col-6 mx-auto" <div class="card text-center">
<div class="card-header">
Follow us on Twitter
</div>
<div class="card-body">
I decoded this string, and I got the flag.
1
2
~$ "Tk9WSXtIRVlfMVNfVGgxU19AX0ZsYTk/fQ==" | base64 -d
NOVI{HEY_1S_Th1S_@_Fla9?}
Thanks for reading!