Reversing and Misc
These challenges below are solved by my teammate @xbowery and the writeups are written by him.
Glad to work together with him as we tackle challenges of various categories.
Secret App (Reversing)
How secret can an app be with some neat little reversing tricks?
I hid my flag in a secret app but I forgot what my username and password are.
Author: Percival
We are provided with an application – secret_app.exe in this challenge.
Running it on Windows command prompt gives us this screen:
As this is a executable file run on Binary machine code, I used OllyDbg to do a quick scan of the code.
Some digging of the code led to this:
Username: not_username
Password: not_password
Entering the following details into the secret_app.exe file gives us this:
Viola!
Flag: DawgCTF{4pp_sup3r_53cret}
Identification (misc)
A really interesting challenge indeed.
Hey man. I'm standing in front of this Verizon central office building. What's its CLLI code?
What? No, I don't know where I am, my GPS is broken. I tried to connect to some Wi-Fi so I could
download a map or something, but I don't know the password to any of these networks.
identifications.7z: https://drive.google.com/file/d/1YkzVIwbNKWKG4I0K8F_J8DCC9mqBn2ET/view?usp=sharing
Once you figure out the CLLI code, make sure to wrap it in DawgCTF{}.
Author: nb
Since we are given a .7z file, I used 7-Zip File Manager to unzip the file.
We are given 2 photographs:
A quick search on CLLI led me to discover a commonly used list of CLLI codes and I downloaded the file just in case there was anything useful from there. Also, the description of CLLI codes can be found below:
(source: https://www.ckts.info/clli)
From the 2nd photo, we are given the Basic service set identifiers (BSSID) of the wireless local area network (WLAN). In simpler terms (or maybe not), BSSID refers to the MAC address of the network.
A simple online scan of a BSSID provided in the 2nd photo of the WLAN shows us this result:
An interactive map was also provided (with other surrounding networks that matches the network list in the 2nd photo):
I ran a couple more searches on the list to ascertain the coordinates of the area. They were within the coordinates of (39.367, -77.165).
I then did a quick lookup on Google Maps and found this:
They were in a place called Mt Airy in Maryland, and through guessing, I derived the first six letters of the CLLI code:
- Mt Airy: MTAR
- Maryland: MD (State abbreviation)
A quick search of the commonly used CLLI codes showed us this:
Viola!
Flag: DawgCTF{MTARMDMA}