MTA CTF 2024
Published:
Introduction
The CTF competition is organized by MSEC from MTA, my university. In this CTF, I did in web, osint, misc, for, and super ez crypto.
Osint
- Content Creator 1
Author: vizer
Description:
Let’s search the username
Erenfried Brockhouse. I found the YouTube account of him.
I found something in here.
Nice, vizer’s signature. I searched for a while but found nothing. I focused on avatar and cover image. Inspect and
wgetthe image to local for checking metadata, but nothing. Never forgive, i saw hint.
Ok, I think when using the link image in
F12to download, it will not save metadata, so I found another tool on the internet for downloading avatars and cover images. But look at it.
FLAG: MSEC{WHAT_IS_OSINT?}
- Content Creator 2
Author: vizer
Description:
I need to find the location of the photo he posted. In the first, I focused on the video on YouTube in Part 1.
I searched for the photo in the video on Google Image but found no information. So I used GeoSpy.ai to find out where the city was photographed.
In China, there is a very famous and popular search engine. It is Baidu, and I was searching for the image here.
Got it, but there is still too little information about this position. Continue focusing on the biggest building in the photo’s center.
Finally, I found the building. It is ICBC.
We can search for this place on Google Map or Baidu Map. All the results are correct.
The flag is the coordinates in Google Map.
FLAG: MSEC{39.94,119.58}
- Content Creator 3
Author: vizer
—->I can’t solve this challenge, so I asked my sir (challenge’s author) for the solution, and this will be written up when I do it again.You can’t see it<—-
Description:
In this challenge, I need to find out how long the shadow of the monument is. So crazy, how can I do it??? Wait, first we need to find the location of the monument. Look at it on Google Map
Collected the coordinates. Next step is to find some info about this monument. For what then, read on.
This is in China, so I can’t find any information on Google. But I remember when looking for the building, I saw this monument in some article. It here. Continue to search for this picture in the article on Baidu. And this is the result
Nice, I got time, the height of the monument, coordinates of this. Drop these into this tool and **let’s it cook**
I think you guys will ask how I know this tool; please read the top comment of this challenge again. In addition, I found exactly what the height of the monument was, but it was not correct, so I asked the author and got the answer.
if (height == 30) ? flag = MSEC{17.17} : flag = MSEC{20.60}
- Content Creator 4
Author: vizer
—->Same aboveYou can’t see it<—-
Description:
The last challenge, also the hardest one to tackle, requires us to rely on all the clues from the previous challenges because we don’t even know what we’re looking for. First, in part 1, there is a piece of information in the video description that hasn’t been used yet.
Can you find it?- it seems highly likely that we need to find an image. However, after trying all possible methods to search popular social media using the username, I couldn’t find any results. Based on a hint from a mysterious person named vizer, I tried searching the keywordimage-sharing websites(if I can’t find it, I’ll search through all of them, hehe). The results showed approximately 24 websites with such functionalities.
After filtering for popular websites, the result was narrowed down to 5 websites based on the following criteria:
Number of users > 100 million (if I can’t find it, I’ll give up)
Good, based on the results of searching the username before, we can eliminate FaceBuk and IG from the list. The final clue leads us to
Flickr. Looking into Flickr a bit, it has a quite useful feature called"place photos on a world map". Therefore, it is possible to find the photo if it was taken, even without knowing who took it. By accessing Flickr Map, although the website doesn’t allow searching by coordinates, we can search manually. After some time comparing it with Google Map, as expected, the mystery of Erenfried Brockhouse is here.
FLAG: MSEC{HOANG_SA_TRUONG_SA_BELONG_TO_VIETNAM!}
