QUT Whitehats CTF Week_1


WARNING: Like all my CTF notes, this contains spoilers.

How_2_Flag - 0 pts

For our CTF challenges this year we will be using the format: flag-{example_flag} Please note that all flags are case-sensitive!

  • Submitted: flag-{example_flag}

Community - 5 pts

Have you joined our discord server yet? https://discord.gg/kRbcVnP

  • Joined discordapp
  • Clicked on Add a server
  • Used the URL in the challenge
  • Checked #flag channel
  • Submitted: flag-{welcome_1337_haxor}

Stay_Informed - 10 pts

Our website - https://qutwhitehats.club is a vast treasure trove of information. Have a look and see if you can find the hidden flag!

  • Navigated to site using standard web browser (Firefox)
  • Viewed page source
  • Searched for string (without quotes) “flag-”
  • Submitted: flag-{inspector_gadget}

The Phrase - 10 pts

I cant make this more obvious

  • Thought it was the Kali linux tag line, i.e. The quieter you become the more you are able to hear
  • Submitted the phrase in multiple formats encapsulated in flag-{…} but no luck
  • Asked Oliver for assistance and he confirmed that the phrase was correct but needed to be formatted correctly
  • Continued attempting without success
  • Asked Zac on Discord, and was told its the phase without space
  • Submitted: flag-{Thequieteryoubecomethemoreyouareabletohear}

Im going to rock your world - 20 pts

Sometimes to rock someones world, you need to know the words to say

Sometimes to rock someones world, you need to know the words to say directory path of storage with a space

  • Might be a reference to rock you passwords list, tried rockyou, rockyou.txt, rockyou.txt.bz2, wordlist, password
  • Asked Oliver for a hint then noticed that the hint had been updated
  • Submitted: flag-{cd /usr/share/wordlists}

