🔬
CTFs
  • 🚩nitrozeus's CTF Writeups
  • Tutorial
    • Install Windows 10 VM on M1 Mac
  • My Notes
    • Capture-The-Flag
      • Windows Forensics
      • Memory Forensics
      • Base32, Base64
      • Steganography
      • Email Analysis
      • Malware Analysis
      • MD4, MD5 Cracking
      • Social Engineering
      • OSINT
      • Google Dorking
      • Reconnaissance
      • Port Scan (nmap)
  • 2023
    • 🧠BrainHack CDDC 2023
      • Gallery
      • Eazy Network Analysis
      • What the hell happened to the PC?!
      • Audio Steganography
  • 2022
    • 🐱Grey Cat The Flag 2022
      • Parcel
      • Memory Game (Part 1)
      • Too Fast
      • Entry
      • Ghost
      • Firmware
      • Image Upload
      • flappy-js
    • ⛵STANDCON 2022
      • I Sea You (Part 1)
      • Locate Me
      • I Sea You (Part 2)
      • Trolley Trolling
      • A New Gateway
      • Walks like a cat, barks like a dog
      • Shark in the Ocean
      • Atlan Safe P1
      • Gift from Russia
      • Asmuth Shares
      • Memedump
      • Warmup Forensics
    • 🦁STACK the Flags 2022
      • Finding Nyan
      • New Task!
      • Hit you with that
      • Cobalt Struck
      • PyRunner
Powered by GitBook
On this page
  1. 2022
  2. STANDCON 2022

A New Gateway

PreviousTrolley TrollingNextWalks like a cat, barks like a dog

Last updated 2 years ago

There's something fishy going on here... Someone seems to have directed us to the wrong gateway to the WAN ocean. But sometimes, even when we try the some pathway, we get access. Why is that happening? That's when we brought out our trusty (Wire)Shark to try to figure out what's going on. Who's helping us gain access?

We were given a PCAP file similar to challenge. But this time, the challenge description gave us quite a few good hints!

The hints were "directed us to the wrong gateway to the WAN ocean". So, like always, our first move would be filtering for HTTP in WireShark!

We took a look at the status code 200 OK, and we saw an interesting string U1RBTkRDT04yMDIye2NmYy15MHUyX2QzZjR1MTdfOTQ3M3c0eV83MF80X2N5ODMyX2M0MjMzMn0=

Flag: STANDCON2022{cfc-y0u2_d3f4u17_9473w4y_70_4_cy832_c42332}

Challenge Files

We soon realised that this is a encoded string, the padding of = gave it away. We right clicked the log and followed the HTTP stream.

Afterwards, we copied the Base64 encoded string and used to decode it and we got the flag!!

⛵
Base64
🎉
CyberChef
Shark in the Ocean
23MB
Challenge3.pcapng
filter for HTTP
follow http stream
flag!