BackdoorCTF 2018 - Write-ups

Tuesday 27 March 2018 (2018-03-27)
Monday 1 April 2024 (2024-04-01)
🇬🇧
Information#

Version#

By	Version	Comment
noraj	1.0	Creation
CTF#

Name : BackdoorCTF 2018
Website : backdoor.sdslabs.co
Type : Online
Format : Jeopardy
CTF Time : link
50 - CATS-EVERYWHERE - Misc#

Those commands are self explanatory:
$ cat challenge | tr -d '\n' | base64 -d > file.ext

$ file file.ext 
file.ext: Zip archive data, at least v2.0 to extract

$ mv file.ext file.zip

$ unzip -t file.zip 
Archive:  file.zip
    testing: misc/                    OK
    testing: misc/1_24z2ltDIcYvnUOrwnlSWpQ.jpeg   OK
    testing: misc/walk-3.gif          OK
    testing: misc/19ff057a44865be8b008edf35debe550.jpg   OK
    testing: misc/411b043d2e9ec5ac5bb5d247363cdb1f.png   OK
    testing: misc/images.png          OK
    testing: misc/images.jpeg         OK
    testing: misc/.git/               OK
    testing: misc/.git/branches/      OK
    testing: misc/.git/description    OK
    testing: misc/.git/config         OK
    testing: misc/.git/COMMIT_EDITMSG   OK
    testing: misc/.git/ORIG_HEAD      OK
    testing: misc/.git/index          OK
    testing: misc/.git/HEAD           OK
    testing: misc/.git/info/          OK
    testing: misc/.git/info/exclude   OK
    testing: misc/.git/hooks/         OK
    testing: misc/.git/hooks/update.sample   OK
    testing: misc/.git/hooks/pre-receive.sample   OK
    testing: misc/.git/hooks/applypatch-msg.sample   OK
    testing: misc/.git/hooks/pre-push.sample   OK
    testing: misc/.git/hooks/post-update.sample   OK
    testing: misc/.git/hooks/pre-rebase.sample   OK
    testing: misc/.git/hooks/pre-commit.sample   OK
    testing: misc/.git/hooks/commit-msg.sample   OK
    testing: misc/.git/hooks/pre-applypatch.sample   OK
    testing: misc/.git/hooks/prepare-commit-msg.sample   OK
    testing: misc/.git/refs/          OK
    testing: misc/.git/refs/heads/    OK
    testing: misc/.git/refs/heads/master   OK
    testing: misc/.git/refs/heads/flag   OK
    testing: misc/.git/refs/tags/     OK
    testing: misc/.git/objects/       OK
    testing: misc/.git/objects/pack/   OK
    testing: misc/.git/objects/info/   OK
    testing: misc/.git/objects/6f/    OK
    testing: misc/.git/objects/6f/6c3ccdebc718797cd32f23b837379080698d7b   OK
    testing: misc/.git/objects/e1/    OK
    testing: misc/.git/objects/e1/37c2a57a87691dafb6ed25ee325c368d3fdb8e   OK
    testing: misc/.git/objects/a4/    OK
    testing: misc/.git/objects/a4/6e7b5a29709043604aadd672beba4b09b1f5bc   OK
    testing: misc/.git/objects/23/    OK
    testing: misc/.git/objects/23/f20c69ee25b9cbbc6ac8e8d9ca479ac5f1d7c9   OK
    testing: misc/.git/objects/4b/    OK
    testing: misc/.git/objects/4b/eefebc8bb3f6c244a9c3d9e1a421b0720ae9d2   OK
    testing: misc/.git/objects/4b/825dc642cb6eb9a060e54bf8d69288fbee4904   OK
    testing: misc/.git/objects/0f/    OK
    testing: misc/.git/objects/0f/d58c79261fb2d7e416efd3b1bf64d143117191   OK
    testing: misc/.git/objects/f0/    OK
    testing: misc/.git/objects/f0/15ae3c5028e5852e04d43646ad4130cdebe3ea   OK
    testing: misc/.git/objects/e4/    OK
    testing: misc/.git/objects/e4/ad8532d31ee67a1bb91c88630b51c64d61c34a   OK
    testing: misc/.git/objects/9e/    OK
    testing: misc/.git/objects/9e/745d1a3d5b8cd43dcfcf11b2269e44283cd625   OK
    testing: misc/.git/objects/5f/    OK
    testing: misc/.git/objects/5f/92b6942624f648581cf1b6ad549f1a653a5ffc   OK
    testing: misc/.git/objects/95/    OK
    testing: misc/.git/objects/95/9d9e12052dc17eaf813d97f357c57920824426   OK
    testing: misc/.git/objects/4c/    OK
    testing: misc/.git/objects/4c/a14213cdfe1eeb09dd1944ef5f8c9358276d33   OK
    testing: misc/.git/objects/6e/    OK
    testing: misc/.git/objects/6e/d909ceb6f38c3947f072f48838b6888325513c   OK
    testing: misc/.git/objects/12/    OK
    testing: misc/.git/objects/12/2ba9b6b90bae74847a418d9f402d4addd6a567   OK
    testing: misc/.git/objects/eb/    OK
    testing: misc/.git/objects/eb/948a8e430911877f0e4942d1f2a5d5614bf76b   OK
    testing: misc/.git/objects/2c/    OK
    testing: misc/.git/objects/2c/5912f9603be8855e2ea32fbd4575ab93814dd9   OK
    testing: misc/.git/objects/79/    OK
    testing: misc/.git/objects/79/0ed153af96b2533661d57d880b49fa3a33d6c3   OK
    testing: misc/.git/objects/73/    OK
    testing: misc/.git/objects/73/b8c99825c60cb995c8a7681b2dc1b2a62d8f5c   OK
    testing: misc/.git/objects/7f/    OK
    testing: misc/.git/objects/7f/3abab351f4239bf71f6a10ccd0f618770ca266   OK
    testing: misc/.git/objects/c4/    OK
    testing: misc/.git/objects/c4/49681be28bb6275c009dd680aad16de4df05f2   OK
    testing: misc/.git/objects/83/    OK
    testing: misc/.git/objects/83/b555e2717ae0d9ffda44b3ebff350410850bbd   OK
    testing: misc/.git/objects/1b/    OK
    testing: misc/.git/objects/1b/0afa8ec0ba546cb6ca3fcc1c48185a4f7299cd   OK
    testing: misc/.git/objects/db/    OK
    testing: misc/.git/objects/db/7de53dbf744b004908c196b163e24fdd5b3831   OK
    testing: misc/.git/objects/c2/    OK
    testing: misc/.git/objects/c2/6d548d21c8d4acbf5d62accd336e4baf0b757f   OK
    testing: misc/.git/objects/ea/    OK
    testing: misc/.git/objects/ea/6c29664fa856aeea5de1701fa8fa5c99e39421   OK
    testing: misc/.git/objects/00/    OK
    testing: misc/.git/objects/00/020c6d9a66073d856c887be5fc0ce09cbd9e43   OK
    testing: misc/.git/objects/56/    OK
    testing: misc/.git/objects/56/9bd1deec811b772c5db05d631792be53eb8492   OK
    testing: misc/.git/logs/          OK
    testing: misc/.git/logs/HEAD      OK
    testing: misc/.git/logs/refs/     OK
    testing: misc/.git/logs/refs/heads/   OK
    testing: misc/.git/logs/refs/heads/master   OK
    testing: misc/.git/logs/refs/heads/flag   OK
No errors detected in compressed data of file.zip.

$ cd misc

$ git --no-pager log --oneline
569bd1d (HEAD -> flag) Try harder
6f6c3cc (master) LETS PLAY
122ba9b .
5f92b69 2018
959d9e1 CTF
0fd58c7 Backdoor
e137c2a to
4beefeb Welcome

$ git checkout 122ba9b

$ cp \=.jpg ../

$ git checkout 5f92b69

$ cp d.jpg ../

$ git checkout 959d9e1

$ cp g.jpg ../

$ git checkout 0fd58c7

$ cp f.jpg ../

$ git checkout e137c2a

$ cp c.jpg ../

$ git checkout 4beefeb

$ cp a.jpg ../

$ cd ..

$ mv g.jpg 6.jpg

$ mv a.jpg 1.jpg

$ mv c.jpg 2.jpg

$ mv \=.jpg 5.jpg

$ mv f.jpg 4.jpg

$ mv d.jpg 3.jpg
1	$ convert +append 1.jpg 2.jpg 3.jpg 4.jpg 5.jpg 6.jpg out.jpg
1	$ convert out.jpg -flop flop.jpg
writeups

Information#

Version#

CTF#

50 - CATS-EVERYWHERE - Misc#
