T_1000 ECTF Recon-120 writeup

[Image: Screenshot from 2014-10-23 16:23:30]

This is the toughest recon that I have ever seen (or in other words the worst one :P)

The first result that you find when you search for T_1000 is the Terminator, so I tried all the names related to the movie, such as the director, the producer, and the actor who acted as the T_1000, but no result 🙁 I also tried Skynet, which is considered to make the Terminator in the film 😛 My teammate was kidding, saying to enter the flag as Rajinikanth 😀

After asking the admins about the challenge, I concluded that T_1000 was not related to movies 🙂

My teammate solved forensics-500, which relates to the channel #nitk-maliciousbots, which contains the bot named T_1000, so I thought this was the end of the recon and tried to get the flag by asking the bot in a private message, but this was only half of the challenge 🙂

Again, from the clue "whois T_1000", the output of the whois command in IRC is as follows:

@31337_h4X0R (cinch@2a01:7e00::f03c:91ff:fe56:df09)

BOT_T_1000 is connected via holmes.freenode.net (London, UK)

Operator in:

#nitk-maliciousbots

So we got a new thing to google for 🙂 i.e. 31337_h4X0R. It seems that 31337_h4X0R has a Twitter account; here is the account: https://twitter.com/31337_h4X0R

This account has very few tweets, and it contains this photo:

[Image: shellshock]

And finally, if you grep for the strings in the photo, we get the flag as follows:

[Image: Screenshot from 2014-10-23 18:14:40]

flag{I_am_N0t_Ge0Hot}
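
The "grep for the strings in the photo" step, sketched as an added example (not part of the original writeup or the challenge files). It goes a bit beyond a plain strings | grep by also scanning 16-bit little-endian text; SAMPLE is a constructed JPEG-like byte string, not a valid image, and its flag values are made up.

```python
import re

FLAG_RE = re.compile(r"flag\{[^}]*\}")  # flag format used in this CTF

def printable_runs(data, min_len=4):
    """Yield (offset, encoding, text) for printable runs, like strings(1)."""
    # Single-byte ASCII: what strings(1) reports by default.
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data):
        yield m.start(), "ascii", m.group().decode("ascii")
    # 16-bit little-endian text (strings -e l), which an ASCII-only scan misses.
    for m in re.finditer(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data):
        yield m.start(), "utf-16-le", m.group().decode("utf-16-le")

def find_flags(data, min_len=4):
    """Return sorted (byte offset, encoding, flag) tuples found in data."""
    hits = []
    for offset, enc, text in printable_runs(data, min_len):
        width = 2 if enc == "utf-16-le" else 1  # bytes per character
        for m in FLAG_RE.finditer(text):
            hits.append((offset + m.start() * width, enc, m.group()))
    return sorted(hits)

# Constructed sample: JPEG markers, a comment segment holding an ASCII flag,
# some non-printable filler, then a second flag stored as UTF-16LE.
SAMPLE = (
    b"\xff\xd8"                      # SOI marker
    + b"\xff\xe0\x00\x10JFIF\x00"    # start of an APP0 header
    + b"\x01\x02\x03"
    + b"\xff\xfe\x00\x1b"            # COM marker + length (2 + 25)
    + b"flag{constructed_example}"
    + bytes(range(0x80, 0x90))       # binary filler
    + "flag{wide_example}".encode("utf-16-le")
    + b"\xff\xd9"                    # EOI marker
)

if __name__ == "__main__":
    # For a real file: data = open("photo.jpg", "rb").read()
    for offset, enc, flag in find_flags(SAMPLE):
        print(f"0x{offset:04x}  {enc:9}  {flag}")
```

The offsets let you jump straight to the hit in a hex editor and see which segment of the file the string was stored in.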

Meet The Team – Ectf 2014 Recon-80

[Image: Screenshot from 2014-10-23 16:17:29]

I have attached the screenshot of the question 🙂 of Recon-80

The question is very simple but getting the blog of the team becomes hard because ECTF is organised for the first time.

The ECTF organizers don't have a good blog which contains all the write-ups that they have solved; it seems like they created the blog just for this challenge, as the blog contains only one post, which makes it difficult for the search engines to get that link (if any of you googled for the blog and did not get the link, don't blame Google, as it is doing a great job).

The name of the team which is organising the CTF is NIA (No Internet Access). They have mentioned it in the clue also, but you will never get to know that it is the name of the team. For more details visit this link: http://nia-ctf.github.io/

Bingo, you get the blog link on ctftime.org at this address https://ctftime.org/team/8096 and you get the link as http://nia-ctf.github.io/ so you got the flag. There was some small confusion regarding the format of the flag, but the admin would have helped you at that time 🙂

flag:http://nia-ctf.github.io/