[Juniors CTF 2016] [Trivial admin 400 – ROFL] Write Up

Description

No description, only a PDF embedded file containing 73 pages:

Vm0wd2QyUXlVWGxWV0d4V1YwZDRWMVl3WkRSV01WbDNXa1JTVjAxV2JETlhhMUpUVmpBeFYySkVU
bGhoTVVwVVZtcEJlRll5U2tWVQpiR2hvVFZWd1ZWWnRjRUpsUmxsNVUydFdWUXBpUjJodlZGWldk
MVpXV25SalJVcHNVbXhzTlZVeWRGZFdVWEJwVWpKb2RsWkdXbGRrCk1WcFhWMjVTYWxKVmNITlZi
[…]
M0JYVFc1b1dGWnFSbHBsUm5CR1lVWlNhV0pGV2sxV2ExSkhWVEZSZUZkc1drNEtWbTFTV1ZscgpW
a3RaVm14ellVYzVVMUpzY0hwV2JHaHZWVEpLVmsxVVRscGxhMG8yVlROa2RsQlJiejBLCg==

Resolution

As you can see it’s a LOOOOOOOONG string in base64.
We put this string into a file named “1” and run this bash script:

for i in `seq 1 34`; do file="`cat $i`" ; ((i++)) ; echo $file | tr -d '\n' | base64 -d > $i  ; done

Our files contained:

#33: 6Mn2yc7hX971xMXza
#34: èÉöÉÎá_ÞõÄÅó

Charset error! There’s no accents like this in Russian 🙁
We used http://www.charset.ru/ to retrieve all possible combinations:

иЙцЙОб_ЮхДЕу
ХиЖинА_чУдеС
ЙкГкпВ_аИдеХ

Flag was ХиЖинА_чУдеС

2 thoughts on “[Juniors CTF 2016] [Trivial admin 400 – ROFL] Write Up”

  1. You can just use decode function in Python with ‘koi8-r’ as first argument in it and don’t use brute in flag field 😉

Leave a Reply

Your email address will not be published. Required fields are marked *