Work Computer | Google CTF 2019

Google CTF 2019

Work Computer

With the confidence of conviction and decision making skills that made you a contender for Xenon’s Universal takeover council, now disbanded, you forge ahead to the work computer. This machine announces itself to you, surprisingly with a detailed description of all its hardware and peripherals. Your first thought is “Why does the display stand need to announce its price? And exactly how much does 999 dollars convert to in Xenonivian Bucklets?” You always were one for the trivialities of things. Also presented is an image of a fascinating round and bumpy creature, labeled “Cauliflower for cWo” – are “Cauliflowers” earthlings? Your 40 hearts skip a beat – these are not the strange unrelatable bipeds you imagined earthings to be.. this looks like your neighbors back home. Such curdley lobes. Will it be at the party? SarahH, who appears to be a programmer with several clients, has left open a terminal. Oops. Sorry clients! Aliens will be poking around attempting to access your networks.. looking for Cauliflower. That is, *if* they can learn to navigate such things.

readme.ctfcompetition.com 1337

You can find my all CTF solution in here

I connect to readme.ctfcompetition.com 1337 with using nc command.

This opens a unix terminal and current directory have README.flag and ORME.flag files. I couldn’t open this file with using nano, vim, cat, strings, file. These commands doesn’t works. After that I search file read commands in https://gtfobins.github.io/  web-site. I figure out the fold command. When I try to call fold command, it works.

I find the flags. But when, I try to open ORME.flag, I saw the permission denied message.

So that, this question have also different way to solve.

When I search a little bit, I saw bin folder. That files include binaries. I try to find familiar binaries. Tar is one of the familiar binaries for me. When I try to tar;

I find the flag but still I couldn’t open ORME.flag

I need root permission.

I search the folders and I notice that message when I try to open challenge_setup folder in svr folder

It can be related to ORME.flag

In the bin file when I use ls -la command

I figure out every binaries call busybox binary. When I call it,

Also I figure out thr setpriv binaries.

I can call binaries which is needed root permision binaries, with using setpriv.

YESSS

Finally I can call busybox. and it also have cat binary. Tar is fine 🙂

FLAGS:

CTF{4ll_D474_5h4ll_B3_Fr33}

CTF{Th3r3_1s_4lw4y5_4N07h3r_W4y}

Leave a Reply

Your email address will not be published. Required fields are marked *