Tuesday, October 2, 2012

CSAW CTF Quals: Recon All

Jordan Wiens (100):


We used Jordan Wiens’ Twitter username (psifertex) and found psifertex.com. From there, we found the robots.txt, which led us to the /csaw directory. Here, there was a riddle:
Some Understanding Becomes Dominant On Manipulation And Inquisitive Naming
Don't bother brute forcing file paths, you'll never find it that way.
However, Some Understanding Becomes Dominant On Manipulation And Inquisitive Naming clearly spells out SUBDOMAIN with its first letters. This led us to look for key.psifertex.com, which had the key spelled out in ASCII art.

Jeff Jarmoc (100):


We found this one pretty quickly. We downloaded all of the judges' pictures and looked at the metadata in them. Jeff Jarmoc's had a finger URL in it that, when you went to it, spat back a key.
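
The same metadata check from the publisher's side, as an added example that is not part of the original writeup: it walks a JPEG's header segments and lists any URL-like strings left in the EXIF/XMP, IPTC and comment segments before the image is posted. The function names, the sample bytes and the example.test URLs are constructed for illustration.

```python
import re
import struct

# URL-like strings of any scheme (http://, finger://, ...) inside raw metadata bytes.
URL_RE = re.compile(rb"[a-zA-Z][a-zA-Z0-9+.-]{1,15}://[\x21-\x7e]+")
# JPEG segments that carry free-form metadata: APP1 (EXIF/XMP), APP13 (IPTC), COM.
METADATA_MARKERS = {0xE1: "APP1", 0xED: "APP13", 0xFE: "COM"}

def jpeg_metadata_segments(data):
    """Yield (marker_name, payload) for metadata segments that precede the image scan."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"corrupt segment header at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:  # fill byte between segments
            pos += 1
            continue
        if marker in (0xDA, 0xD9):  # start of scan / end of image: headers are over
            return
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError(f"bad segment length at offset {pos}")
        if marker in METADATA_MARKERS:
            yield METADATA_MARKERS[marker], data[pos + 4:pos + 2 + length]
        pos += 2 + length

def urls_in_jpeg(data):
    """Return sorted (segment, url) pairs found in the file's metadata segments."""
    hits = set()
    for name, payload in jpeg_metadata_segments(data):
        hits.update((name, m.decode("ascii")) for m in URL_RE.findall(payload))
    return sorted(hits)

def segment(marker, payload):
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample (placeholder URLs, not the CTF's): JFIF header, an EXIF-style
# APP1 segment and a comment, followed by an empty scan.
SAMPLE = (b"\xff\xd8" + segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
          + segment(0xE1, b"Exif\x00\x00Artist\x00finger://staff.example.test/judge\x00")
          + segment(0xFE, b"draft at http://intranet.example.test/wiki")
          + b"\xff\xda\x00\x02\xff\xd9")

if __name__ == "__main__":
    for name, url in urls_in_jpeg(SAMPLE):
        print(f"{name}: {url}")
```

Any hit is a reason to strip the metadata (or re-encode the image) before it goes on a public page.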

Julian Cohen (100):


We checked Reddit posts for JulianCohen #HockeyInJune and found http://www.reddit.com/r/MURICA/comments/10a243/murica_free_donuts_and_beverages/.

We then checked all recent posts from this account, and the most recent post was a link to http://cockcab.com/ which had the key.

Yoda (400):


Run whoami on yoda inside the IRC. Win!

Dan Guido (400):


This one took the longest. The steps were:
1. Search everything possible
2. Get bored/defeated
3. Browse /r/netsec
4. Casually search "Dan Guido"
--> Find a comment thread about "salami and cheese". Win!

2 comments:

  1. You forgot the first word of the riddle "Some". The full hint was "subdomain".
