We start with:
>>> http://fuzyll.com/csaw2015/start
CSAW 2015 FUZYLL RECON PART 1 OF ?: Oh, good, you can use HTTP! The next part is at /csaw2015/<the acronym for my university's hacking club>.
OK, let's google "fuzyll".
I don't see anything helpful, so I keep googling.
With "alexander taylor fuzyll", I found his LinkedIn.
https://www.linkedin.com/in/fuzyll
In the Education section, you can see his university is the University of South Florida.
With "University of South Florida hacking club", you can easily find this link:
Whitehatters Computer Security Club - http://www.wcsc.usf.edu/
>>> http://fuzyll.com/csaw2015/wcsc
CSAW 2015 FUZYLL RECON PART 2 OF ?: TmljZSB3b3JrISBUaGUgbmV4dCBwYXJ0IGlzIGF0IC9jc2F3MjAxNS88bXkgc3VwZXIgc21hc2ggYnJvdGhlcnMgbWFpbj4uCg==
Base64-decode this string:
Nice work! The next part is at /csaw2015/<my super smash brothers main>.
With "fuzyll super smash brothers", you can find "yoshi" is the answer.
https://www.youtube.com/watch?v=MbRKFWyPQkQ
>>> http://fuzyll.com/csaw2015/yoshi
Very cute, right?
Save this image and:
$ strings yoshi.txt
CSAW 2015 FUZYLL RECON PART 3 OF ?: Isn't Yoshi the best?! The next egg in your hunt can be found at /csaw2015/<the cryptosystem I had to break in my first defcon qualifier>.
This part really makes me crazy.
"the cryptosystem first defcon qualifier"? Is it a crypto challenge in DEFCON?
What is his first defcon qualifier?
Back to his LinkedIn,
I think "DEFCON 19 qualification" is the answer.
I googled something like "DEFCON 19 qualification challenges", "DEFCON 19 write up", but got nothing.
Stuck! Stuck! Stuck!
Time to go 2 bed Zz.
---
After waking up, I continue googling and continue getting nothing.
Too tired! So I want to try my luck.
Let's check some possible cryptosystems.
>>> http://fuzyll.com/csaw2015/rsa
>>> http://fuzyll.com/csaw2015/caesar
>>> http://fuzyll.com/csaw2015/substitution
>>> http://fuzyll.com/csaw2015/substitutioncipher
>>> http://fuzyll.com/csaw2015/substitutioncryto
>>> http://fuzyll.com/csaw2015/substitutioncryptography
...
...
...
>>> http://fuzyll.com/csaw2015/enigma
Boooooooooooooooom!
CSAW 2015 FUZYLL RECON PART 4 OF 5: Okay, okay. This isn't Engima, but the next location was "encrypted" with the JavaScript below:
Pla$ja|p$wpkt$kj$}kqv$uqawp$mw>$+gwes6451+pla}[waa[ia[vkhhmj
var s = "THIS IS THE INPUT"
var c = ""
for (i = 0; i < s.length; i++) {
c += String.fromCharCode((s[i]).charCodeAt(0) ^ 0x4);
}
console.log(c);
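Just XOR!
XOR with the same key undoes itself, so you can run the same script on the ciphertext to get the plain text.
Press F12 and open the Console (Chrome, Firefox...), then run:
// Ciphertext from part 4
var s = "Pla$ja|p$wpkt$kj$}kqv$uqawp$mw>$+gwes6451+pla}[waa[ia[vkhhmj";
var c = "";
// XOR each character code with the key 0x4 used by the challenge script
for (var i = 0; i < s.length; i++) {
    c += String.fromCharCode(s.charCodeAt(i) ^ 0x4);
}
console.log(c);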
The next stop on your quest is: /csaw2015/they_see_me_rollin
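Here the key (0x4) is handed to you in the challenge script. As an added example (not part of the original challenge or write-up), the sketch below goes one step further and recovers a single-byte XOR key when it is not given, by trying all 256 values and scoring each candidate; the function names and the scoring rule are assumptions made for illustration.

```javascript
// Added example: recover a single-byte XOR key without knowing it in advance.
// CIPHERTEXT is the string shown in part 4 of the challenge.
const CIPHERTEXT = "Pla$ja|p$wpkt$kj$}kqv$uqawp$mw>$+gwes6451+pla}[waa[ia[vkhhmj";

// XOR every character code with the same one-byte key.
// Applying it twice with the same key returns the original string.
function xorString(text, key) {
  let out = "";
  for (let i = 0; i < text.length; i++) {
    out += String.fromCharCode(text.charCodeAt(i) ^ key);
  }
  return out;
}

// Score a candidate plaintext: reject anything with non-printable ASCII,
// otherwise count letters and spaces (a crude "looks like English" test).
function scoreText(text) {
  let score = 0;
  for (let i = 0; i < text.length; i++) {
    const code = text.charCodeAt(i);
    if (code < 0x20 || code > 0x7e) return -1;
    const isLetter = (code >= 0x41 && code <= 0x5a) || (code >= 0x61 && code <= 0x7a);
    if (code === 0x20 || isLetter) score++;
  }
  return score;
}

// Try all 256 keys and keep the best-scoring candidate.
function recoverKey(ciphertext) {
  let best = { key: -1, score: -1, text: "" };
  for (let key = 0; key < 256; key++) {
    const text = xorString(ciphertext, key);
    const score = scoreText(text);
    if (score > best.score) best = { key, score, text };
  }
  return best;
}

const result = recoverKey(CIPHERTEXT);
console.log("key: 0x" + result.key.toString(16));
console.log(result.text);
```

The same loop works on any short ASCII message protected this way, which is why a fixed one-byte XOR is obfuscation rather than encryption.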
>>> http://fuzyll.com//csaw2015/they_see_me_rollin
CSAW 2015 FUZYLL RECON PART 5 OF 5: Congratulations! Here's your flag{I_S3ARCH3D_HI6H_4ND_L0W_4ND_4LL_I_F0UND_W4S_TH1S_L0USY_FL4G}!
--- matnacian ---
--- ctf for beginners ---