The challenges in this CTF are hard! But I managed to solve some of the easier challenges, so here is my writeup for DownUnderCTF!

MISC #

Discord #

The challenge requires us to get the flag in Discord server.

To do this, we just search for “DUCTF” in the Discord chat.

Looking around for some time, but could’nt find the second part..

Wait a minute, might be sent by the same guy..

FLAG: DUCTF{f1r57_0f_m4ny}

tldr please summarize #

A docx file is attached, might be hiding some kind of secret message.

The passage is so long, so I did not bother to read.

As I scroll through the document, something caught my attention. Abnormal tiny wavy lines at the bottom.

I selected all and changed the font color, which reveals the actual hidden text.

Looks like a shell script. After executing the script in Kali Terminal, the flag is found!

FLAG: DUCTF{chatgpt_I_n33d_2_3scap3}

Crypto #

Sun Zi’s Perfect Math Class #

A webpage link is embedded, which brings us to a webpage to solve a math question.

Sun zi reminds me of Chinese Remainder Theorem I read the other day. I have put the solution below,

The question states that the number of soldiers is between 1000 and 1100, in order to find n, we can keep adding (3 * 5 * 7) to 194, so that n fulfills the 3 modulo equations.

We will get 194, 299 … 929, 1034, 1139,….

Therefore the answer is 1034 😊

Wait, there is a part 2…

shufflebox #

For this challenge, a shuffled code is given to us to recover the message

Therefore, I’ll just find out the sequence and recover the flag.

FLAG: DUCTF{udiditgjwowsuper}

OSINT #

offtheramp #

This is an easy challenge, but for some reason, I am stuck for at least 5 hours… 🤦🏻 (Please read till the end to see how I wasted 5 hours 👍)

An image of a dock is given, requiring us to discover the name of the structure.

It all started when I saw hundreds of solves within the first few hours of the challenge’s release…

Should be an easy question, right?

First approach:

Just look around the whole Australia for docks on Google Maps, because how hard can it be?

Turns out it is very hard… and not very practical..

Second approach:

Google Lens

It doesn’t really return good results until I found the small image in this article:

Frankston.. let me look around the area..

After some searching around, I found the exact view from Google Maps.

I entered State_Road_3 as the flag, but the answer is wrong.. damn

I asked the mods for help, turns out I was at the right place all along, now I just need to find the name of the STRUCTURE.

After changing it back to street view, I finally found the “structure”…

After reading the official writeup,
Turns out the exact coordinates of the location can be found using EXIF Tools..
GOD WHYY U DO THIS TO ME??

Pondering life and the decisions that led you to this point.
-sir nosurf

Now I understand what you meant by then 🤡

FLAG: DUCTF{Oliver_Hill_Boat_Ramp}

cityviews #

An image is given to determine where the photo is taken.

First thing I noticed is the brand logo that looks like a blue palm.

By utilizing Google Images, I found a page which resembles the logo, and the address is at 699 Bourke Street, and the logo is AGL’s logo.

After fiddling around with Google Maps Satelite View, I managed to get an angle that resembles the image, with the advertisement screen and the old building.

Looking at the picture, there is this high-arch windows, which can be found on the street view of 575 Flinders Ln.

I tried using Holiday Inn as the flag, but it was wrong.

After a few guesses, I found the flag!

FLAG: DUCTF{Hotel_Indigo}

Bridget Lives #

An image was given for us to find where the photo is taken.

By using Google Images, the most relevant result is Jiak Kim Bridge in Singapore, but after closely examining it, the bridge in the given image is completely different from the Jiak Kim Bridge.

Just keep looking..

Finally I found a result, which may be the solution!

After watching the video, I am now 100% sure this is the place!

FLAG: DUCTF{Four_Points}

back to the jungle #

MC Fat Monke just dropped a new track???

I googled online for this infamous artist, and here are the results.

The YouTube Link leads us to a sick mixtape.

The key to the flag is at 2:34 of the video, where there is a link to another website.

FLAG: DUCTF{wIr_G0iNg_b4K_t00_d3r_jUNgL3_mIt_d15_1!!111!}

They’re Making Decoys #

This is my favorite OSINT challenge because it is relatively hard.

An image is given for us to find the coordinates of the location (rounded in 4 decimal places) of the “fake” emus.

I have searched for some keywords such as “fake emus”, “emu metal statue” and “emu metal”, but it doesn’t give me any significant results, until I found this post…

Looks like what we are looking for..

The post says the sculptures are at East of Tailem Drive, therefore, I used Google Street View to search the area, till I found the exact spot!

FLAG: DUCTF{-29.5506,153.2777}

marketing #

Google for MC Fat Monke again, this time we found a X (Twitter) Post under DownUnderCTF’s account.

The flag is actually here if you observe carefully…

Can’t see it? Let me show you.

FLAG: DUCTF{doing_a_bit_of_marketing}

Perfect clear for OSINT challenges! #

Conclusion #

The challenges this year were fantastic, especially ‘offtheramp’, which is an experience I will never forget for the rest of my life (and all the time spent on it that I’ll never get back 🥲).

Its a long writeup, I hope you enjoyed reading them!