Destructive Voice

a CTF team from Ural Federal University, Yekaterinburg

VolgaCTF Quals 2014 Recon 300

We have a facebook page. Firstly, let’s check the information. We can find his Instagram, vk page and a site.

To finish with facebook page I decided to read his post. In one message he writes that he want to download free music and about VK music.

I wished to start with the site where we can just flip the pages. I read the site’s code fast and found nothing interesting there but the comments are nice. May be I missed something? Ok, we always can return to this site. Let’s now go to the vk page.

Ok, we still remember about VK music, so let’s visit his vk page. Firstly, we can see the post where he asks about opening password-protected zip. Bruting password works fine and we can get it easy: 228322 (funny one). There is only a O_o.txt file with text “o_O what are u doing here?”. Just a joke I think. Ok, no more interesting posts but we remember about music, don’t we?

One song is really suspicious: Easy flag — here. Listening it seems useless. But we can download it, maybe we would find something interesting there? Of course, it is here! On the cover. So the flag is s0_much_music.

Author: Phil Bazun