From f00279ef82b7fc8fe1005c660feb9905733c833c Mon Sep 17 00:00:00 2001 From: Alfred Gamulo Date: Tue, 18 Jul 2023 00:03:12 -0400 Subject: [PATCH] feat: add mctf --- MetaCTF/ACE-T/.gitignore | 2 ++ MetaCTF/ACE-T/all_strung_out.md | 10 ++++++++++ MetaCTF/ACE-T/breaching_buckets.md | 9 +++++++++ MetaCTF/ACE-T/osint_time.md | 7 +++++++ MetaCTF/ACE-T/the_last_great_zip_file.md | 22 ++++++++++++++++++++++ MetaCTF/ACE-T/tmp/.placeholder | 0 6 files changed, 50 insertions(+) create mode 100644 MetaCTF/ACE-T/.gitignore create mode 100644 MetaCTF/ACE-T/all_strung_out.md create mode 100644 MetaCTF/ACE-T/breaching_buckets.md create mode 100644 MetaCTF/ACE-T/osint_time.md create mode 100644 MetaCTF/ACE-T/the_last_great_zip_file.md create mode 100644 MetaCTF/ACE-T/tmp/.placeholder diff --git a/MetaCTF/ACE-T/.gitignore b/MetaCTF/ACE-T/.gitignore new file mode 100644 index 0000000..845482b --- /dev/null +++ b/MetaCTF/ACE-T/.gitignore @@ -0,0 +1,2 @@ +tmp/* +!tmp/.placeholder \ No newline at end of file diff --git a/MetaCTF/ACE-T/all_strung_out.md b/MetaCTF/ACE-T/all_strung_out.md new file mode 100644 index 0000000..9e437f4 --- /dev/null +++ b/MetaCTF/ACE-T/all_strung_out.md @@ -0,0 +1,10 @@ +All Strung Out + +``` +Find the first flag in evidence.zip. + +The flag hidden in this challenge is in the format: flag{value} +``` + +1. Unzip +1. `grep -E "flag\{.*\}" evidence.mem` \ No newline at end of file diff --git a/MetaCTF/ACE-T/breaching_buckets.md b/MetaCTF/ACE-T/breaching_buckets.md new file mode 100644 index 0000000..3cfe2b8 --- /dev/null +++ b/MetaCTF/ACE-T/breaching_buckets.md @@ -0,0 +1,9 @@ +Breaching Buckets + +``` +Take a look at where this image is hosted. See if you can find the flag! Does anything stand out? +``` + +1. `aws s3 ls prod-cdn-user-imgs --recursive` +1. `aws s3 cp --recursive s3://prod-cdn-user-imgs .` +1. browse all pictures for flag \ No newline at end of file diff --git a/MetaCTF/ACE-T/osint_time.md b/MetaCTF/ACE-T/osint_time.md new file mode 100644 index 0000000..b9f92da --- /dev/null +++ b/MetaCTF/ACE-T/osint_time.md @@ -0,0 +1,7 @@ +OSINT Time + +``` +Your co-worker Leo refused to tell anyone where he was going on vacation. You saw him post an Instagram of a super cute sloth and you REALLY want to know where it was taken. See if you can figure it out. +``` + +1. `exiftool $DOWNLOADS/sloth.jpg | grep -i comment` \ No newline at end of file diff --git a/MetaCTF/ACE-T/the_last_great_zip_file.md b/MetaCTF/ACE-T/the_last_great_zip_file.md new file mode 100644 index 0000000..3d931fd --- /dev/null +++ b/MetaCTF/ACE-T/the_last_great_zip_file.md @@ -0,0 +1,22 @@ +The Last Great Zip File + +``` +Help! I've created a zip archive that contains my favorite flag, but I forgot the password to it. Can you help me recover my flag back? + +You may need to use another program such as wget to download the file if your browser is blocking the download. Now to get the password hash from the zip file... +``` + +1. `wget https://metaproblems.com/4c8353df44a1dc0c5535ec84fa8da70e/flag.zip` + +1. Download [John the Ripper](https://www.openwall.com/john/) + * ``` + $ git clone https://github.com/openwall/john + $ cd john/src + $ ./configure && make + ``` + +1. `./john/run/zip2john flag.zip > zip.hashes` + +1. `./john/run/john --wordlist=/usr/share/wordlists/rockyou.txt zip.hashes ` + +1. `./john/run/john zip.hashes --show` \ No newline at end of file diff --git a/MetaCTF/ACE-T/tmp/.placeholder b/MetaCTF/ACE-T/tmp/.placeholder new file mode 100644 index 0000000..e69de29