WiCYS CyberStart (Tokyo) Challenge 1

NOTE: There is a Gitbooks version of the same challenge walkthrough written by me. You can go ahead and check it out!

Hello, fellow Cyberstart gamers!

Having touched base 2 on our CyberStart journey, in Tokyo, it’s time again to solve some security challenges. We are handed an appreciation letter and an overview of the challenges on the horizon

Briefing L02 C01

610enC0de’d Password

Agents believe they have found a server belonging to a gang called the Yakoottees. If we can get access to it who knows what information we can gather on them! So far the Yakoottees have been very successful hiding their activities by encoding everything they do. We’ve found their server but don’t have the password and so can’t login. Can you help, intern?

Tip: Login to the server to get the flag.

Proceeding to the challenge, we are met with this terminal screen

At first glance, this text looks like hex encoding. Our job is to now decode it, to gain access to Yakoottees’ server

Flag Capture

For that, I would suggest you use this resource. Others were not able to decode the hex-encoded text and you will see why. Copy-paste the hex code and decode it

This is our output

The cleartext looks a bit messy, doesn't it? Let’s clean it up

From our research, it is found that ‘?’ is represented as \x63 in hex code

I was able to find just 2 instances of \x63 but did not make the output any cleaner

From the jumbled decoded text, we can decipher the password (by removing question marks)

Password = 4f1b252055

Using it to login onto the server

Flag — cA3drVNxuDvgmcN5gs5i

We are in, and the challenge is conquered!

Coupled with that, we have 500 points on the scoreboard. Onward Ahoy!

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store