Dr.Evil MidnightSun Quals 2019

So, I did not solve this challenge during the CTF but solved it moments later the CTF was over. I thought this to be a crypto related challenge & did not look further into it. I shit myself right now because I could’ve easily got the first blood in this challenge. Let us see why this challenge is so easy.

Description:

And let us see what the PCAP looks like.

So after seeing TLS encrypted data, I extracted the public key & with the help of my teammates we tried to find the private key but we were unable to do so & I left the challenge without even looking further.

So, long story short, @s0rc3r3r told me that the challenge actually involved evil bits. So this is when I cursed myself. By then, the CTF was over but anyways, I still wanted to complete the challenge, so I wrote a simple python script which gave me binary data and upon converting it to ASCII gives me the flag.


from scapy.all import *

r = rdpcap("dr-evil.pcap")

a = ""

for i in r:
	if i["IP"].src == "52.15.194.28":
		if "evil" in str(i["IP"].flags):
			a = a + "1"
		else:
			a = a + "0"

a = a + "0000" # Because len(a)%8 = 4. So we had to add some padding

print a

So we have the binary value. Let us use an online decoder. We get,

Ladies and gentlemen, welcome to my underground lair. I have gathered here before me the world’s deadliest assassins. And yet, each of you has failed to kill Austin Powers and submit the flag “midnight{1_Milli0n_evil_b1tz!}“. That makes me angry. And when Dr. Evil gets angry, Mr. Bigglesworth gets upset. And when Mr. Bigglesworth gets upset, people

So, there we have the flag. I guess this was one of the easiest challenges in the CTF but I think most of the teams were trying to get the private key or something. Anyways, we did learn a lesson today. 🙂

Flag: midnight{1_Milli0n_evil_b1tz!}

If you liked my solution, please share & like the writeup. I’m available on Twitter: @_abhiramkumar

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Powered by WordPress.com.

Up ↑

Create your website at WordPress.com
Get started
%d bloggers like this: