The Fray is upon us, and the very first challenge has been released! Are you ready factions!? Considering this is just the beginning, if you cannot musted the teamwork needed this early, then your doom is likely inevitable.
Files:
Writeup by: Stig Rune Grønnestad
Looking at the attached file script.sh I found a few clues quickly, namely the {BTH and NG5kX3kwdVJfR3IwdU5kISF9 cought my attention. The first string seemed to be a reversed part of the flag, and the second string seemed to be a base64 encoded string. I combined these two and for some reason thought I was missing a middle part which led me down a small rabbit hole.
I used CyberChef for the decoding and reversing.
tS_u0y_ll1w{BTH
Reversed ->
HTB{w1ll_y0u_St
https://gchq.github.io/CyberChef/#recipe=Reverse('Character')&input=dFNfdTB5X2xsMXd7QlRI
NG5kX3kwdVJfR3IwdU5kISF9
From Base64 ->
4nd_y0uR_Gr0uNd!!}
Combined:
HTB{w1ll_y0u_St4nd_y0uR_Gr0uNd!!}
For some reason I got an error using the flag (copy-paste error or something), which led me down a small rabbit hole. Looking at the part of the URLs 0xda4 (decimal 3492) led me to believe I had to use punycode (RFC 3492) to get the flag. This was not the case, but it was a fun detour.
Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA)
RFC 3492
The flag was simply:
HTB{w1ll_y0u_St4nd_y0uR_Gr0uNd!!}