SunshineCTF23: DDR (Scripting)

Challenge: DDR

All the cool robots are playing Digital Dance Robots, a new rhythm game that… has absolutely no sound! Robots are just that good at these games… until they crash because they can’t count to 256. Can you beat the high score and earn a prize?

nc chal.2023.sunshinectf.games 23200

Solve

1. Task: The robot gives a 50-arrow string and you have to reply in WASD form: W for up arrow, A for left arrow, S for down arrow, D for right arrow.
2. When you enter a correct answer, the score increases by 1 and you get a new string.
3. We have to complete 256 challenges in order to get the flag.
4. Use pwntools ...

October 9, 2023 · 2 min · Dhanraj Chavan

SunshineCTF23: Dill (Reversing)

Challenge: Dill

Originally this was going to be about pickles, but .pyc sounds close enough to “pickles” so I decided to make it about that instead.

Download: dill.cpython-38.pyc

Solve

1. Go to PyC decompile and upload the file. It will show the code.
2. Code:

    # uncompyle6 version 3.5.0
    # Python bytecode 3.8 (3413)
    # Decompiled from: Python 2.7.5 (default, Jun 20 2023, 11:36:40)
    # [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
    # Embedded file name: dill.py
    # Size of source mod 2**32: 914 bytes

    class Dill:
        prefix = 'sun{'
        suffix = '}'
        o = [5, 1, 3, 4, 7, 2, 6, 0]

        def __init__(self) -> None:
            self.encrypted = 'bGVnbGxpaGVwaWNrdD8Ka2V0ZXRpZGls'

        def validate(self, value: str) -> bool:
            if not (value.startswith(Dill.prefix) and value.endswith(Dill.suffix)):
                return False
            value = value[len(Dill.prefix):-len(Dill.suffix)]
            if len(value) != 32:
                return False
            c = [value[i:i + 4] for i in range(0, len(value), 4)]
            value = ''.join([c[i] for i in Dill.o])
            if value != self.encrypted:
                return False
            else:
                return True

Solution

    class Dill:
        prefix = "sun{"
        suffix = "}"
        o = [5, 1, 3, 4, 7, 2, 6, 0]

        def __init__(self) -> None:
            self.encrypted = "bGVnbGxpaGVwaWNrdD8Ka2V0ZXRpZGls"

        def validate(self, value: str) -> bool:
            if not (value.startswith(Dill.prefix) and value.endswith(Dill.suffix)):
                return False
            value = value[len(Dill.prefix) : -len(Dill.suffix)]
            if len(value) != 32:
                return False
            c = [value[i : i + 4] for i in range(0, len(value), 4)]
            value = "".join([c[i] for i in Dill.o])
            if value != self.encrypted:
                return False
            else:
                return True

        def decrypt(self, value: str):
            # Invert the chunk permutation applied in validate():
            # original chunk i sits at position o.index(i) of the encrypted string.
            ans = ""
            if len(value) != 32:
                return False
            c = [value[i : i + 4] for i in range(0, len(value), 4)]
            for i in range(8):
                pos = Dill.o.index(i)
                ans += c[pos]
            return Dill.prefix + ans + Dill.suffix


    d = Dill()
    ans = d.decrypt("bGVnbGxpaGVwaWNrdD8Ka2V0ZXRpZGls")
    print(ans)

Flag

sun{ZGlsbGxpa2V0aGVwaWNrbGVnZXRpdD8K} ...

October 9, 2023 · 2 min · Dhanraj Chavan

Exploring newsubs: Guide to Effortless Subdomain Discovery

Intro

newsubs is a Python-based command-line tool. Its mission? To make subdomain discovery for Bug Bounty programs a breeze. By leveraging data from Chaos, newsubs streamlines the process of fetching and comparing subdomains across different program versions.

Getting started

Before we delve into the exciting world of newsubs, let’s ensure you have it set up on your system. Follow these steps:

    git clone https://github.com/heydc7/newsubs.git
    cd newsubs
    pip3 install -r requirements.txt
    python3 newsubs.py -h

Now that newsubs is set up, let’s explore its key features and commands. ...

October 5, 2023 · 3 min · Dhanraj Chavan

Parameter Tampering with Tinker

Introduction

Hello everyone, I hope you are doing well. In this short tutorial, we’ll introduce you to a simple Python tool called “Tinker” that can be used for parameter tampering and help you understand how it works.

What is Tinker?

Tinker is a Python tool designed to generate multiple deviation payloads of the same input by using parameter tampering. In other words, Tinker helps you explore different variations of a string by toggling between lowercase and uppercase letters. ...

September 27, 2023 · 2 min · Dhanraj Chavan

Magnify: A recon tool to extract sensitive info

Automating recon can be a useful tool for improving the efficiency, accuracy, scalability, and security of the recon process.

What is Magnify?

A tool for spidering multiple URLs and checking for sensitive variables in code.

Why?

It is hard to check waybackurls by copying and pasting them into the browser. Many URLs return 404. Hence, this tool helps to reduce the error links and helps to find sensitive keywords in code. ...

September 20, 2023 · 2 min · Dhanraj Chavan

Intro to my blog

Introduction

Hello, and welcome to my blog! I’m very excited to share my journey of creating this website. I’ve been actively participating in CTFs & learning new concepts continuously. I will be sharing write-ups for CTFs. Stay tuned!

September 16, 2023 · 1 min · Dhanraj Chavan