# ACECTF 2025 WRITE-UPS
Greetings, and welcome to my ACECTF 2025 write-ups. This is the fourth international CTF competition that I have ever competed in. And I must say, I have improved a lot since my previous CTF competitions, especially in OSINT category.
## Table of Contents
1. OSINT
a. The Mysterious Building
b. The Symphony of Greatness
c. For The Fans
## 1. OSINT
### a. The Mysterious Building
> Wow, that's a cool tower—I remember it well; saw it when I was on the metro one fine evening. But the building on the right... Something about its logo looks familiar, but I just can’t recall its name. Can you help me figure out the name of this mysterious building?
> 
> Flag format - ACECTF{building_name}. All lowercase, seperated by underscores instead of spaces. E.g. - ACECTF{white_house}
As usual, I used Google Lens first to analyze any possible building hints.
Scrolling through the Google Lens, I found the exact tower that was taken in the picture, which was "Pitampura TV Tower".
The next step was to analyze it directly from Google Maps.
This was probably the difficult part for this challenge. I have searched for the exact position this picture was taken by analyzing the nearest building near that tower for about 10 minutes. But no matter how many times I have spun the map around, luck was not on my side.
So I decided to ask ChatGPT for some help.
I asked ChatGPT to analyze the building logo, and it worked. I was getting close to the actual location.
The last step was to confirm the existence of the building on Google.
Voilà, first OSINT challenge solved.
Flag:
ACECTF{pp_trade_center}
### b. The Symphony of Greatness
> Hey everyone, myself modernlouis. I remember starting to explore music outside of my native language years ago. Back then, I was just a kid, trying something completely new and unfamiliar. At first, I did it to feel included with others who were effortlessly singing along to the most popular songs of the time.
>
> Over the years, I listened to a lot of artists, but for a long time, I couldn’t settle on an all-time favorite. That changed during the recent pandemic. With all the extra time on my hands, I dove deeper into my love for music. Slowly and without even realizing it, I found myself drawn to a specific kind of sound.
>
> What kind of music, you ask? Well, not the ones filled with meaningless words just to make rhymes. Not the albums entirely focused on heartbreak stories. And definitely not the tracks made just to curse or diss someone—come on, let’s move past that.
>
> I admire musicians who showcase raw vocal talent, seamlessly blend different genres, and have a a signature sound that was instantly recognizable and highly danceable.
>
> Now, here’s the challenge: Your task is to figure out which band I’m talking about. The biggest hint? Me...
>
> Flag Format: The Flag is the band's name followed by their most streamed song, in this format: ACECTF{band_name_song_name}
>
> Example: If the band is One Direction and their most streamed song is Night Changes, then the flag would be: ACECTF{0n3_d1r3c710n_n16h7_ch4n635}
From the description of the challenge, you can see that *modernlouis* name was italicized. So it was pretty clear that the name *modernlouis* was the target for this challenge.
I ran "sherlock" tool on Kali Linux with that name, and these were what I found.
Let's try with the basic one first, the YouTube link.
His YouTube account said that he "need a platform for music lovers.", let's keep that in mind. There was a related link as well that led me to his Makromusic account.
By clicking the link, it led me to another hint.
He said that "maybe they're technically not a band, after all", which means that the artist was not "a one person". The least I could said was it could probably a "duo".
Another hint was that he mentioned "Genius" on his bio. This narrowed down my research since the previous "sherlock" results showed me that there was a Genius account related to *modernlouis* account.
I clicked the Genius account on the "sherlock" results, and I got the last hint.
Now things got complicated. The previous hint said that "maybe they're not technically a band", but this one said "my name kind of contains a part of the *band's* name". Don't you think it's contradicting? Well, for me, yes. He also gave me a random string from some music streaming platform, which was "313vqcsij2k5ukfgqwhu27sr4l64".
Let's narrow down my hypothesis.
1. It's a *duo musical artist* who showcase *raw vocal talent*, seamlessly *blend different genres*, and have a *signature sound that was instantly recognizable* and *highly danceable*. And not the ones filled with meaningless words just to make rhymes. *Not the albums entirely focused on heartbreak stories*. And *definitely not the tracks made just to curse or diss someone*.
2. Strings may related to some other musical platforms. Not only in Genius, probably Spotify.
This last step took me 7 hours to solve. Why?
First, I was too focused on that part of his username which was *louis*. At first, I thought that the musical artist he meant was *Louis The Child* since it fits the descriptions very well. But the only problem was, *they don't showcase their raw vocal talent*. They often use like some sort of *EDM* kind of thing to make their vocals blend with their instruments.
I tried those strings on Genius and Spotify by using many paths such as /tracks, /albums, /playlists, and /songs. On Genius, when I tried *https://genius.com/songs/313vqcsij2k5ukfgqwhu27sr4l64*, it led me to a musical artist music page, which was *Breathe by Fabolous*. This confused me again. Fabolous is a rapper whose songs are filled with *meaningless words just to make rhymes*. Again, it was contradicting. I tried many other paths to get me some hints, but it was no use. I came into conclusions again, which were:
1. My URLs combination might be wrong.
2. Those string are just a *red herring*.
Without no hope of solving it, I tried my last attempt, which was manually doing a research about any possible related duo musical artist using a Google.
I searched "modernlouis music" on Google, then found this video on the very top.
Now that I think about it, maybe it was not *louis* that he meant? Maybe it's *modern*? It all made sense now. I was too fixed on one route, that I forgot to look for another route.
With a newfound determination, I searched *Modern Talking* most streamed song on https://kworb.net
It was *Cheri Cheri Lady*. For the last one, I just need to make it into some sort of "leetspeak" styled text. Which was:
ACECTF{m0d3rn_74lk1n6_ch3r1_ch3r1_l4dy}
Then when I submitted it, it was correct. Hardwork paid off.
Flag:
ACECTF{m0d3rn_74lk1n6_ch3r1_ch3r1_l4dy}
### c. For The Fans
This challenge was my personal record since I was the 7th solver for this.
Okay, let's start.
You can see that there was a username named *DrakeSaltyOVO* in the challenge description. So without wasting my time, I immediately use "sherlock" tool to find any platforms related to that username.
By running "sherlock" with the username *DrakeSaltyOVO*, this was what I found.
Usually, especially in OSINT, a Twitter related username tells you a lot about what to do in a challenge.
By clicking the link, I found his Twitter account.
From his Twitter tweets, I found some hints which I can conclude as:
1. He is setting up a blog somewhere using his new username, which was *salty-senpai-drake1*.
2. He uploaded a tweet about setting up his new blog account on November 29th, 2024 along with his birthday which is on September 14th, 2000, which I assumed would be a "password" for later.
3. He uploaded a tweet about his weak password that can be cracked in just "1.63 seconds" which was a hint to guess his password combinations.
At first, I used "sherlock" on his username *salty-senpai-drake1* in order to find his "blog" somewhere, but I found no luck. And again, I was stuck in this step for 2 hours trying to figure out where to find his blog.
I was lost in hope, nearly giving up on this challenge. But then, an idea crossed my mind.
"Why don't you try Google dorking it? His username and whatever blog he meant?"
And yeah, somehow, it worked out. I found a "tumbig" post that contains his username *salty-senpai-drake1* in it.
I clicked on it and searched his username through the website, which finally led me to the next step.
At the end of his blog, there were a strings which looked like this.
```
N3q8ryccAAQrDS+tIAAAAAAAAABqAAAAAAAAANGqpB7VL3HfX5dq2a0oNrtZRM2Hum9ExZnUSpeMMG2rzSg6lQEEBgABCSAABwsBAAIkBvEHARJTD3GIJuGJqEfIwbSE/71QeN8hIQEAAQAMIBwACAoBra6o3QAABQEZAQAREwBmAGwAYQBnAC4AdAB4AHQAAAAZABQKAQCfS+NlYELbARUGAQAgAAAAAAA=
```
This was clearly a Base64 strings, judging by the equal sign at the end of the strings.
By decoding it in CyberChef, I found out that it was an encrypted 7z file.
I saved the file as "output.7z" and then tried to guess the passwords combinations from his birthday.
After trying many passwords combinations, I finally found the password, which was "2000914".
After extracting the "output.7z", I opened the "flag.txt" file that was in it, revealing the flag inside.
Flag:
ACECTF{y0u_b3773r_41nt_h4t3}
Sign in with Wallet
Connect another wallet