Ⅰ. 개요
- (KOR 기준) 07.14 22:00 ~ 07.17 05:00
- 3문제 CLEAR
Ⅱ. 풀이
1. [Reversing] DrillingPlatform
(1) 문제 지문
- Welcome to the latest and greatest in Vitralium mining technology. Our newest rig can penetrate depths never before reached! Unfortunately, we haven't yet been able to locate any. Can you get into the workings of the machine and find out where we need to drill?
(2) 풀이
- 주어진 바이너리를 디버깅하여 string만 확인해보면 flag를 획득할 수 있다.
- HTB{lucky_gu3ss_0r_s0m3th1ng_m0r3??}
2. [Forensics] Red Miners
(1) 문제 지문
- In the race for Vitalium on Mars, the villainous Board of Arodor resorted to desperate measures, needing funds for their mining attempts. They devised a botnet specifically crafted to mine cryptocurrency covertly. We stumbled upon a sample of Arodor's miner's installer on our server. Recognizing the gravity of the situation, we launched a thorough investigation. With you as its leader, you need to unravel the inner workings of the installation mechanism. The discovery served as a turning point, revealing the extent of Arodor's desperation. However, the battle for Vitalium continued, urging us to remain vigilant and adapt our cyber defences to counter future threats.
(2) 풀이
- 주어진 sh파일 코드에 있는 base64문자들을 decode하여 합치면 flag를 얻을 수 있음
- ① cGFydDE9IkhUQnttMW4xbmciCg== ⇒ part1="HTB{m1n1ng"
② cGFydDI9Il90aDMxcl93NHkiCg== ⇒ part2="_th31r_w4y"
③ dest=$(echo "X3QwX200cnN9Cg=="|base64 -d) ⇒ _t0_m4rs} - HTB{m1n1ng_th31r_w4y_t0_m4rs}
3. [Web] Lazy Ballot
(1) 문제 지문
- As a Zenium State hacker, your mission is to breach Arodor's secure election system, subtly manipulating the results to create political chaos and destabilize their government, ultimately giving Zenium State an advantage in the global power struggle.
(2) 풀이
- NoSQL Injection을 이용하여, admin으로 로그인하면 flag를 획득할 수 있음
'CTF' 카테고리의 다른 글
| 2023 Google CTF writeup (Pwnable) (0) | 2023.07.02 |
|---|---|
| 2022 POXX 예선 & 본선 writeup (pwnable, rev) (0) | 2022.12.28 |
| 2022 Hacking Camp writeup_pwnable (0) | 2022.09.03 |
| 2022 SSTF writeup (0) | 2022.08.24 |