hiww_備忘録

Anime, CTF

アイカツ!シリーズを通して私のアイカツ!

 

blog.hatenablog.com

上記記事を見つけ、アイカツ!についてのブログを書きたいと思った。

アニメ「アイカツ!」シリーズ開始から5年以上が経った。
いちごちゃん・あかりちゃん・ゆめちゃん・あいねちゃん。
各シリーズの主人公や学園の仲間も限られた時間の中で一生懸命アイドル活動(アイカツ!)をしている。

&t=68から

youtu.be

「輝きたい衝動に 素直でいよう後悔なんて絶対 君には似合わない限りのない情熱で 飛び越えていこう」

youtu.be

直向きにアイカツ!する姿が日々、私を勇気づけてくれた。
喜怒哀楽したり、議論しても良い。

 

&t=41から

youtu.be

 今後もアイカツ!シリーズと共にポジティブなアイカツ!をしていこうと思う。f:id:hiww:20181008220723j:plain

TVアニメ/データカードダス『アイカツ!』&『アイカツスターズ!』スペシャルドラマCD

TVアニメ/データカードダス『アイカツ!』&『アイカツスターズ!』スペシャルドラマCD

 

 

 

TAMUctf 18 Writeup

I participated in TAMUctf 18 (138th out of 1272) as Harekaze.

[Intro 1] Howdy!

Paste the flag from problem.

Flag: gigem{Howdy!}

[Misc 20] breadsticks 2

Download the problem file(breadSticks.bin).

I checked file breadSticks.bin and it seems like Microsoft OOXML.

mv breadSticks.bin breadSticks.docx

Open the breadSticks.docx.

Flag: ICanRead!

[Misc 25] you can run, you can hide

find the hidden flag.

`ssh tamuctf@shell1.ctf.tamu.edu -p 2223`
password: tamuctf
  • Solution

find the flag by ls -aR

tamuctf@6cb21f6960f0:~$ cat .secret/.dont_delete_me.txt
gigem{TAMU_secret_society_qSD358OUYGcezTlFbqeh}

Flag: gigem{TAMU_secret_society_qSD358OUYGcezTlFbqeh}

[Crypto 25] Image`n That

Read the flag from given bmp image using stegno tool.

Flag: GIGEM{THE_WORLD_IS_IN_THE_EYE_OF_THE_BEHOLDER}

[Web 20] Reading

  • Problem
I just love reading!

http://web1.ctf.tamu.edu
  • Solution

There are many words(flags) in this source(index.html).

Find the flag by tools.

(This case, I used grep command.)

Save index.html by curl http://web1.ctf.tamu.edu/

Find the flag by grep (I recommend you to use regular expressions to narrow the string.)

f:id:hiww:20180320164620j:plain

Flag: gigem{F!nD_a_F!AG!}

{Web 40} Bender

  • Solution

Access the problem page.

No Google Bot can help you now!

View the robots.txt.

http://web3.ctf.tamu.edu/robots.txt

User-agent: *
Disallow: oiuwerljk.html

Get the flag from here.

http://web3.ctf.tamu.edu/oiuwerljk.html

Flag: gigem{craw1ing_bot$!}

[Web 50] Bubbles

  • Problem
I don't like taking baths.

http://web4.ctf.tamu.edu
  • Solution

f:id:hiww:20180320171746p:plain

Page title is SQLi and there is a form for submit.

Input ' or 1;# to Password form.

Flag: gigem{ScRuB7h3InpU7}

HarekazeCTF2018 Lost_data

Here is HarekazeCTF-2018-problem(with writeup) that I authored.

What is HarekazeCTF2018?

HarekazeCTF2018

CTFtime.org


Problem Name: Lost_data

  • Problem file: lost_data.zip

    • Points 100, Genre For + Misc, Author hiww, Solves 54.
Description
Guess or try xxxxx in flag and replace to the correct word.
xxxxx is uppercase.
No need decipher the password of xxxxx.zip.
lost_data.zip
Hint:
Refer the file contents of xxxxx.zip.
filesystem is answer.
(For + Misc, 100 points)

Solution(Writeup):

  • Step-1.(Recover QR-code from data.zip)

    • Unzip the data.zip.
      • The first 4 bytes of each file is 89 2E 2E 2E.
      • Even if using the file command the extension is unknown.
      • But, there are some hint in the files[1..3].
      • For example, 49 44 41 54 in hex and IDAT in ascii.
      • Replace the first 4 bytes to 89 50 4E 47.
      • The lost data was PNG.
      • Scan QR-code by QR-code-scanner(e.g. zbarimg, iOScamera and human).

    QR-code: HarekazeCTF{Y0u_G0t_FuNNy_F1ag_?DF?_T?_is_xxxxx}

  • Step-2.(Investigate the xxxxx.zip)

    • By the way, have you ever used SD cards that can not add new files?

    • The filesystem have some restrictions.

    • You can know some information by unzip the xxxxx.zip(without password).

      • The contents of xxxxx.zip seems to be fatxxx(file-size is 0KB).
      • Total file number(512) means filesystem's number of files limit.
      • Total number of files = Number of files limit in root directory of FAT16.
      • This is why that FAT16 is correct answer of xxxxx.
  • Answer(FLAG):

    • HarekazeCTF{Y0u_G0t_FuNNy_F1ag_?DF?_T?_is_FAT16}
  • Addition:

    • You can check your filesystem using df -T.

Reference: https://support.microsoft.com/ja-jp/help/436213

Github repository:

github.com