DeconstruCTF 2023 - Missing
Description
Jason todd went missing and all alfred was able to recover from his pc was this file
Help Alfred find Jason
Author: Rakhul
Downloads: jason.rar
Solution
1
2
3
4
5
6
7
8
9
└─$ unrar x jason.rar
Enter password (will not be echoed) for cryptic-tod-secure/.git/config:
└─$ rar2john jason.rar > jason.hash
└─$ john jason.hash --wordlist=$rockyou
...
jason.rar:1983
...
I couldn’t extract with unrar
, so I just drag and dropped from GUI with cracked password.
1
2
3
4
5
└─$ la
Permissions Size User Date Modified Name
drwxr-xr-x - kali 1 Jun 2022 cryptic-tod-secure
.rwxr-x--- 44k kali 6 Aug 20:32 jason.rar
drwxr-xr-x - kali 1 Jun 2022 nothing_here_to_look_at
First I decided to look inside nothing_here_to_look_at
(because of the name).
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
└─$ la ./nothing_here_to_look_at
Permissions Size User Date Modified Name
drwxr-xr-x - kali 6 Aug 20:50 .git
.rw-r--r-- 180 kali 1 Jun 2022 empty.txt
.rw-r--r-- 90 kali 1 Jun 2022 encoded.txt
.rw-r--r-- 805 kali 1 Jun 2022 secret.txt
# Above files had nothing interesting so I decided to look into git commits.
└─$ git log --oneline
65e36b3 (HEAD -> main, origin/main, origin/HEAD) Create encoded.txt
c707cc5 Create secret.txt
38daa61 Update empty.txt
f50086b something for u
└─$ git reset --hard f50086b
HEAD is now at f50086b something for u
└─$ la
Permissions Size User Date Modified Name
drwxr-xr-x - kali 6 Aug 20:52 .git
.rw-r--r-- 137 kali 6 Aug 20:52 empty.txt
└─$ cat empty.txt
this link might be interesting
...
aHR0cHM6Ly93d3cuaW5zdGFncmFtLmNvbS90b2RkX2phc29uX3NlY3VyZS8=
...
└─$ echo -n 'aHR0cHM6Ly93d3cuaW5zdGFncmFtLmNvbS90b2RkX2phc29uX3NlY3VyZS8=' | base64 -d
https://www.instagram.com/todd_jason_secure/
https://www.instagram.com/p/CeQvnKyr5uK/:
https://www.instagram.com/p/CeQvw7SrCBY/:
Twitter: https://twitter.com/toddjasonsecure
Encoding looked like Base64, but it failed so I tried Base32 because of leading ===
.
Flag: dsc{h4vINg_FuN_w17h_O5INT_@Nd_m4p5}
This post is licensed under CC BY 4.0 by the author.
Comments powered by Disqus.