Dr.Evil MidnightSun Quals 2019

So, I did not solve this challenge during the CTF but solved it moments later the CTF was over. I thought this to be a crypto related challenge & did not look further into it. I shit myself right now because I could’ve easily got the first blood in this challenge. Let us see why this challenge is so easy.


And let us see what the PCAP looks like.

So after seeing TLS encrypted data, I extracted the public key & with the help of my teammates we tried to find the private key but we were unable to do so & I left the challenge without even looking further.

So, long story short, @s0rc3r3r told me that the challenge actually involved evil bits. So this is when I cursed myself. By then, the CTF was over but anyways, I still wanted to complete the challenge, so I wrote a simple python script which gave me binary data and upon converting it to ASCII gives me the flag.

from scapy.all import *

r = rdpcap("dr-evil.pcap")

a = ""

for i in r:
	if i["IP"].src == "":
		if "evil" in str(i["IP"].flags):
			a = a + "1"
			a = a + "0"

a = a + "0000" # Because len(a)%8 = 4. So we had to add some padding

print a

So we have the binary value. Let us use an online decoder. We get,

Ladies and gentlemen, welcome to my underground lair. I have gathered here before me the world’s deadliest assassins. And yet, each of you has failed to kill Austin Powers and submit the flag “midnight{1_Milli0n_evil_b1tz!}“. That makes me angry. And when Dr. Evil gets angry, Mr. Bigglesworth gets upset. And when Mr. Bigglesworth gets upset, people

So, there we have the flag. I guess this was one of the easiest challenges in the CTF but I think most of the teams were trying to get the private key or something. Anyways, we did learn a lesson today. 🙂

Flag: midnight{1_Milli0n_evil_b1tz!}

If you liked my solution, please share & like the writeup. I’m available on Twitter: @_abhiramkumar

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Website Powered by WordPress.com.

Up ↑

Create your website with WordPress.com
Get started
%d bloggers like this: