You can find the SAINTCON 2014 Hackers Challenge Introduction here.
And these are all the files referenced below:
The challenges referenced below can be found here:
BL100 – VGC
Find the words that make a common phrase. Use that as the key.
NTIuNjMxNTIyLCAtMS4xMjQwMzQNCg==
LTI4LjIxNjAyMCwgMTUyLjAzMTcwNg0K
NDAuNzY0NTE0LCAtNzMuOTc1MjQ5
#1 should be…. 52 Degrees 37’51.70″N 1 Degree 7’24.16″W
Each line of text is separately Base64 Encoded: (the trailing = is a dead giveaway for base64)
GO LEARN more about BASE64. http://en.wikipedia.org/wiki/Base64
Use any Base64 decoder (openssl enc -base64 -d and ctrl+d) to decode each line:
$ openssl enc -base64 -d
NTIuNjMxNTIyLCAtMS4xMjQwMzQNCg==
52.631522, -1.124034
$ openssl enc -base64 -d
LTI4LjIxNjAyMCwgMTUyLjAzMTcwNg0K
-28.216020, 152.031706
$ openssl enc -base64 -d
NDAuNzY0NTE0LCAtNzMuOTc1MjQ5
40.764514, -73.975249
And it’s obvious that these are LAT and LONG coordinates.
Pull them up in Google Maps to see what’s there; I’m looking for words that make a common phrase.
At the last one I see “Green Cafe” and “Intuition”.
At the second one I see “Mind Your Business”.
At the first one, whether original or as corrected in the hint, I don’t find anything meaningful.
So I start guessing.
Trust Your Intuition
BL200 – Something’s Fishy Here
Something is fishy with this picture. Find what it is and submit the key. Good luck!
Hint: First 6 chars + 1 looks a lot like I
Files: Fishy-Original.jpg Fishy.jpg
Use a diff tool to see what’s up.
You will find the 2nd file has extra bytes of data on the end of it.
These bytes start with:
EB CD 1C
That looks familiar, maybe EBCDIC!
GO LEARN more about EBCDIC. http://en.wikipedia.org/wiki/EBCDIC
Now copy and paste those bytes into any available EBCDIC converter (http://search.cpan.org/~cxl/Convert-EBCDIC-0.06/lib/Convert/EBCDIC.pm or http://mcraigweaver.com/ebcdic.htm or https://support.microsoft.com/kb/216399), convert them by hand, or, if you are using vbindiff, just hit the ‘C’ key, and you get:
The key you are looking for is: onomatopoeia
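The BL200 steps above (diff the two files, isolate the extra bytes, read them as EBCDIC) as an added Python example; it is not from the original write-up. The sample bytes are constructed stand-ins for the two JPEGs, and cp037 as the EBCDIC code page and a marker followed directly by text are assumptions.

```python
# Added example: the sample bytes below are constructed, not taken from Fishy.jpg.
MARKER = bytes.fromhex("EBCD1C")  # bytes the write-up says the extra data starts with


def first_difference(a: bytes, b: bytes) -> int:
    """Offset of the first differing byte, or -1 if the inputs are identical."""
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i
    return -1 if len(a) == len(b) else min(len(a), len(b))


def appended_tail(original: bytes, modified: bytes) -> bytes:
    """Bytes added after the end of `original`; empty unless modified == original + tail."""
    if first_difference(original, modified) != len(original):
        return b""
    return modified[len(original):]


def decode_tail(tail: bytes, codepage: str = "cp037") -> str:
    """Decode the tail as EBCDIC (cp037 is an assumed code page), skipping the marker."""
    body = tail[len(MARKER):] if tail.startswith(MARKER) else tail
    return body.decode(codepage)


# Constructed stand-ins for Fishy-Original.jpg and Fishy.jpg.
SAMPLE_ORIGINAL = bytes.fromhex("FFD8FFE000104A464946") + bytes(16) + bytes.fromhex("FFD9")
SAMPLE_MODIFIED = SAMPLE_ORIGINAL + MARKER + "constructed sample text".encode("cp037")

if __name__ == "__main__":
    tail = appended_tail(SAMPLE_ORIGINAL, SAMPLE_MODIFIED)
    print("extra data starts at offset", first_difference(SAMPLE_ORIGINAL, SAMPLE_MODIFIED))
    print("hex:       ", tail.hex(" "))
    print("as latin-1:", repr(tail.decode("latin-1")))  # unreadable as ASCII-style text
    print("as EBCDIC: ", decode_tail(tail))
```

To run it on the challenge files, read both with `open(path, "rb").read()` and pass the bytes in place of the constructed samples.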
BL300 – BitMapSqueeze
Did you know some graphic formats are extremely flexible?
Files: BitMappSqueeze.bmp
That’s a strange graphic!
Pull it up in a hex editor, and right away I notice ASCII strings I wouldn’t expect in a bitmap image.
Things like PK and __MACOSX, both of which instantly remind me of a ZIP file.
GO LEARN more about zip file formats:
So remove the bitmap image data at the front of the file (everything before 0x36), then rename to .zip and extract.
Open the file BitMapSqueeze and
Puzzle: This puzzle does not exist and was not part of the game.
BL500 – I@mTH3c0mput3r
Good luck
Files: BL500
Let’s figure out what this file is. Run it through strings, and these pop out at me:
ELF
/lib/ld-linux.so.2
Welcome to SAINTCon 2014
------------------------
Pausing for 30 seconds..
Enter the Password:
Correct! Key Follows:
And a hex editor says the first few bytes are:
7F 45 4C 46 01, the 01 meaning 32-bit.
We’ve got us a 32-bit Linux executable, so let’s spin us up a 32-bit Linux VM.
Install GDB-PEDA. (this makes life much easier!) https://github.com/longld/peda
gdb ./BL500
start
next (repeat until you see in the "code" box that you are CALLing genKey)
next (to CALL genKey)
At this point you will see a crazy long string PUSHed onto the stack. This is your key.