[ Home ] [ Writeups ] [ Articles ] [ Cheatsheets ] [ CVE ] [ EOF ]

.:: Oryx - AUCTF 2020 ::.
Title : Oryx - AUCTF 2020
Author : Cabir  
teammates : Deilyora
Date : Sunday, Apr 5, 2020
Modified : Sunday, Apr 5, 2020
Reading time: 2 minutes and 2 seconds.


One of the developers of devs-r-us.xyz has been a little sketchy lately. We have received reports that they may be selling data to competitors. We just haven't found out how!

-=[Oryx - AUCTF 2020]=-

Here the website:


We only have the names of the two developpers. If we download the boat picture above, named mcafee.png, and examine the exifs :

 1$ exiftool mcafee.png
 3ExifTool Version Number        : 10.80
 4File Name                      : mcafee.png
 5Directory                      : .
 6File Size                      : 2.5 MB
 7File Modification Date/Time    : 2020:04:05 21:21:54+02:00
 8File Access Date/Time          : 2020:04:06 19:21:52+02:00
 9File Inode Change Date/Time    : 2020:04:06 19:21:52+02:00
10File Permissions               : rwxrwxrwx
11File Type                      : PNG
12File Type Extension            : png
13MIME Type                      : image/png
14Image Width                    : 1920
15Image Height                   : 1080
16Bit Depth                      : 8
17Color Type                     : RGB
18Compression                    : Deflate/Inflate
19Filter                         : Adaptive
20Interlace                      : Noninterlaced
21XMP Toolkit                    : Image::ExifTool 11.91
22Description                    : https://discord.gg/pMzcE45 DM me if you want more info
23Image Size                     : 1920x1080
24Megapixels                     : 2.1 

The discord link in the description field lead us to the AUCTF Discord. On the Discord we found an user called Jorge G, similar to Jorge Greenwood on the website.


We start a conversation with him : (did that with my friend Deilyora)

1Deilyora : Hello, I saw your message in mcafee.png and I've heard you are selling  
2    some interesting data. Could you elaborate on what the data is ?
4Jorge : can't say what the data is but if you can find a way for me to trust you, 
5    I may be able to share it 

oh ok… the question is How can we be trusted ? Let’s try social engineering !

1Deilyora : Don't you remember me ? I worked with you on the developement of Myworld.com. 
2    I'm now working for a big developement company and I think 
3    the informations devs-r-us have could be interesting for us. 
4    I'm willing to pay good money if the informations are good.
6Jorge : Hi there Deilyora. Sorry it's protocol. I'm looking for a specific message. 
7    Long time no see.

He’s talking about protocol. We probably missed something. Let’s go back to the website. When we inspected the source code of the page nothing seemed interesting. But when we click on Contact-us, an event is triggered and a comment in the code appears.

With some researchs we found that: source: https://en.wikipedia.org/wiki/MaddAddam MaddAddam is a novel by Canadian writer Margaret Atwood, published on 29 August 2013. We were like ok. Let’s ask him. We have nothing more.

1Deilyora : Then, Who is MaddAddam?
3Jorge : just what I was looking for Please do not share the following link. 
4It would be considered cheating and will result in removal understood?
6Deilyora : yes
7Jorge: cool :) 
8Jorge: discord.gg/xxxxxxx

We are invited to a private Discord discord.gg/xxxxxxx


Here a flash code with the link to the flag.

.: FLAG :.


[ Home ] [ Writeups ] [ Articles ] [ Cheatsheets ] [ CVE ] [ EOF ]