Though some may view otherwise, the sketches created by AI should not be considered as real art.

The Definition of Art

Through time and time again, from the dawn of humanity, man has created art. Whether if that was from the aboriginal rock paintings in Australia originating 65,000 or 80,000 years ago, or in modern forms of art even beyond canvases such as rocks or paper.

Though in recent years, some view that modern art had decreased the standard of art, such as the recent exhibition of, quite literally, a banana taped to a wall. No matter how ridiculous it may seem, it is still a form of art.

The reason of this is, despite the method or the means of which art is contrived or delivered, is that art has meaning. Every piece of human art, no matter if it is drawn by a child in primary school, or a professional artist, making a living off of art, they all have meaning, it is revocable, inevitable and undebatable.

Art, is also a form of creation, it creates and delivers these messages through the exhaustion of the artists, which trains the artists in the process, their skills, resilience and all other abilities related to the creation of art.

It takes time, and requires skill to create art, and art has meaning.

AI Cannot Understand Meaning

To its core, artificial intelligence is mathematics, through the calculations of matrices, vectors and other complicated computer science gibberish. It predicts what the next pixel is, and guesses what it should say next.

It does not have a mind, as much as some AI-fanatics pretend it does, it is cold, has no flesh, and it cannot think or understand.

This is shown through a study conducted by Apple [1], it had found that AI is incapable of reasoning, it had found that artificial intelligence “face a complete accuracy collapse beyond certain complexities”.

If AI cannot reason, or actually think, then how can we trust it to understand the true meaning behind human art? If we cannot trust AI to understand the true meaning of art, then how can we trust it to create meaning in art? And, to that extent, to create art as defined above?

Intelligence != Understanding

Sure, one can argue that the human brains also have limits, and also cannot understand beyond certain complexities, but the difference is all humans, no matter where you come from, or what your background is, have emotions, have feelings and have common experiences.

Humans have emotions, and that is what sets humans apart from computers, and AI. When an AI model looks at a piece of art about connection with one’s mother, it calculates the meaning based off of the pieces of real human art it had profiteered upon, and outputs a line of text, outlining the emotions of what a human might feel.

However, when a real human being sees a piece of art about one’s mother, they can feel, they can connect, they can understand through their own experiences with their mother, and understand something through their own thought process.

Human brains, human understandings, human thoughts grow.

AI Steals, not Create

It is a objective fact that all AI models are trained upon data. And, where does this data come from? They come from real human artists, and often without consent or payment.

In fact, the Australian federal government has even recently banned [2] this practice, if this was not happening before the ban, then why would they ban it?

Artificial intelligence ruthlessly and brutally crawls artists’ Twitter posts, through their blogs and wherever they post online. Some artists were even forced to add watermarks or to use specialised programs to prevent this exact behaviour.

It is unbelievable, concerning and dangerous that the creators of real human art, a practice which as mentioned earlier, originated from more than 80 thousand years ago, way before electricity or even any modern commodity was invented, have to go under, effectively, hiding, and having to metaphorically “dodge the AI bullet”.

Artists have a sense of community, they have a sense of unity, they help each other and compliment each other, not destroy, steal and profit off of one another.

Thus, AI is not “an artist” as it lacks the simple understanding of human unity and community, it is designed for one purpose, and that is to help its original creators make money, and it is quite frankly disgusting and, as it is in Australia, heavily regulated.

AI “Art” is Fruitless

As mentioned earlier,

It takes time, and requires skill to create art, and art has meaning.

Sure, people can argue, and they do argue, that AI has made art more accessible. But, is that necessarily a good thing?

Creating pieces of art is rewarding and useful in the development of the human mind because of the skills you build along the way. When you learn to draw, you learn to manage time, and how to, literally create pieces of art.

It is often the inaccessibility of the results of art that makes art a form of creation unlike any other.

It is also rewarding because you are visibly able to see the progress you have made along your create journey.

AI “art” takes both of these fruits of art away from humanity. When all it takes is a prompt, a single line of littered words, is to create a piece of art, where is the growth? Where is the learning experiences?

That picture file you receive at the end of a GenAI creation is not a reflection of your skills, nor is it a reflection of your growth. Art is fruitful, not because of its results, but because of the process.

And without this process, one cannot call art “art”.

AI Fosters a Dangerous Society

We live in an age where everything has to be fast. Whether that is food deliveries, or E-mails, or assignments, we wants things done, quickly.

That is a trap, of which I personally falls into, too frequently as well. We are a generation of social media and short-form videos which had already shown its impact on our attention spans.

And, GenAI “art” does not help, it adds fuel to the fire, further accelerating this understanding in society that:

Effort Spent != Results Received

Though one may argue that this principle is true, one may not be successful despite the efforts they have given, but it is undebatable that this mindset is toxic and should not be indoctrinated into our young people’s minds.

We should foster a society of “creators” and not a society of “receivers”.

AI Accelerates Destruction

So far, as mentioned in the previous argument, AI damages humanity metaphorically and mentally. However, AI “art” also has its negative impact environmentally.

When you ask AI to put together a senseless and meaningless sketch of what can only be considered as gibberish, it takes a heavy toll on the environment.

In an Australian federal inquiry conducted by the Royal Melbourne Institute of Technology [3], Dr. Gordon presented the fact that “producing an image” via AI “uses about 20 times” more energy than a GenAI text inquiry.

Which by the way, uses “somewhere between 10 to 90 times more energy per inquiry” than a Google search. That means, when you ask an AI model to generate a silly picture, it uses 200 to 1800 times more energy per inquiry than a Google search.

The same study also found that these GenAI models also use between “1~3% of the world’s energy”, and that it is “set to grow”.

When the numbers and facts are presented, it is without doubt that it is shocking and concerning at the same time. Without doubt, AI “art” has taken a giant toll on the environment, and a giant dump on the efforts that literally every contributing member of society had made to the coping and the reversal of climate change.

Personally, I have never seen a real human artist consume 200 to 1800 times more energy than a Google search just to create a real piece of art, which, in its core have more value than the trash AI can produce anyway.

Conclusion

As argued above, it is difficult to conclude that AI-generated “art” is really art, and not only that, but it is also a plague, and a tumour which damages artists, our society, and humanity as a whole.

Footnotes

1. Shojaee, P., Mirzadeh, I., Alizadeh, K., Horton, M., Bengio, S. and Farajtabar, M. (2025). The Illusion of Thinking: Understanding the Strengths and Limitations of Reasoning Models via the Lens of Problem Complexity. [online] arXiv.org. Available at: https://arxiv.org/abs/2506.06941.
2. Maani Truu (2025). Federal government rules out changing copyright law to give AI companies free rein. [online] Abc.net.au. Available at: https://www.abc.net.au/news/2025-10-27/labor-rules-out-ai-training-copyright-exceptions/105935740/.
3. Rmit.edu.au. (2024). Federal Inquiry hears warning on environmental impacts of AI. [online] Available at: https://www.rmit.edu.au/news/media-releases-and-expert-comments/2024/sep/environmental-impacts-of-ai.

You used to call me on my cellphone.

Provided Clues

• We are provided with an audio clip of someone connecting to dial-up internet.
• This phone number is from Sydney.
• This happened in 1995.
• We need to try harder.

Chasing the Goose

Now, we must remember,

this is NOT forensics. This is OSINT.

(do not try to read the dial-up sound effect that happened AFTER the initial DTMF sounds) Repeat that 3 times before continuing.

Okay. So, by using Google or any research tool, we know that to connect to the dial-up internet, or some sort of modem using dial-up internet, we must first dial the phone number of that modem.
This is done through DTMF (Dual-Tone Multi-Frequency), this is the audio that plays when you press a number key on phones even to this day.

Using Google, we can find an online DTMF reader.

This way, we can find that the number they have dialed, is, at least, some parts of, is 3693244.

Now, if you live in Australia, you will quickly find that that is no longer the number format we use anymore. In Australia, the phone number now is (01) 23 456 789.

There are often 10 digits instead of 7. Even with the added area code prefix of Sydney, which is (02), that still leaves us with (02) 369 3244.

What’s going on here?

Ask a Boomer

Now, in 1995, landlines and modems can still just have 7 digits after the area code, so in 1995, that would have been a perfectly normal phone number that you can call.
So, now we just need to find out who owns this number.

We will need to look up this number on Google, maybe in a few different formats as they might have been listed in an irregular format, who knows what happened in 1995. I can’t imagine being a millennial!

Trying many different formats of the same thing is quite a common strategy, see from IrisCTF 2024 Write-ups - OSINT: Harsh Reality of Passwords.

In Australia, when you use the international calling code to call an Australian phone number, you generally always remove the 0 at the front.

Let’s try:

Indeed, +61-2-369-3244 leads us somewhere. All other phone numbers will result in absolutely nothing.
You may need to turn SafeSearch off.

We can find this list of BBS’s in 1995, incidentally, that phone number just so happens to be on there!

Solution

This reveals the flag to be DUCTF{Hotline\_BBS}.

OSINT: yippee

You son of a beach.

Provided Clues

Chasing the Goose

First, we want to analyse this picture.

Now, we must analyse the clues one by one.

This sign is a very generic tide warning sign in Australia, as evident when you try to image search this thing.
So, something important would be the steep hills in the background. That is a unique feature to this beach or image. Let’s image search just that portion.

This will yield these results:

Now, I am very curious as to what happened in the first image, and why they are all blurred out. Sydney people must be very… expressive.

But that’s not relevant.

Every other image has led us to the same location, Port Macquire, Nobby’s Beach and Flynn’s Beach.

Solution

We can either try all these three flags one by one, or we can use Google Maps Street View, to finally rest the location on Nobbys Beach, Port Macquire…?

Weirdly enough, this was not the flag. Although we can see the hills and views are almost an exact match, the flag was Flynn’s Beach, being DUCTF{Flynns_Beach}.

This is probably to avoid a conflict between Nobby’s Beach, Port Macquarie and an identically named Nobby’s Beach, Newcastle.

OSINT: Look at all those chickens!

Where did you get that hoodie? And how do I get one?

Provided Clues

Chasing the Goose

Use Google Image Search. Selecting the important portion of the image, that being the central island and the little bit of residential area on the right.
We can find this article talking about a Bin Chicken Island.

Using Google Maps we can find this location in Coburg, Victoria.

The challenge mentioned the location we are looking for is…
“… can you find out the name of the place where these birds were locked up?”

Now, let’s find where those bin chickens were locked up. Searching for the keyword “prison” on Google Maps, and there it is! The Pentridge Prison.

Solution

And thus, the flag is DUCTF{Pentridge_Prison}

Afterword

This was the first time I did DownUnder CTF. The OSINT challenges were interesting, I think the most unique one was Zer0C00l, as all other challenges were either a simple Google Image search away, or some derivation of that.
Some flags were quite misleading, as well as the hints. I am also not too confident in if spamming “try harder” gifs are exactly the least taunting way to say “no hints”.

My best friend’s first name is Frequency, and his last name is Analysis.

Original Challenge

If you talk in another language, nobody can understand what you say! Check out this message I sent in Indonesian. To add some extra security, I also applied a monoalphabetic substitution cipher on it!

Provided Files

message.txt

Efe kqkbkx czwkf akfs kdkf qzfskf wzdcjtfk Ieqku kqk akfs ikxj kck akfs wkak ukikukf :Q
Lzfqztk ukdj kqk qe wefe: bkvim{wzbkdki_ckse_kckukx_ukdj_wjuk_kfkbewew_mtzujzfwe}

Chasing the Goose

Huh?

From the challenge description, we can find out that the text in question is ciphered using a monoalphabetic substitution cipher, and that the original text is written in Indonesian.

When we approach this kind of cipher, we should bruteforce it use frequency analysis. And so, here it begins.

Analysing bit by bit

Okay. There’s a lot of characters. What do we do? First, we need to find a dictionary for us to use, as most of us, and I think whoever’s reading this right now, does not know Indonesian. So, using Google, we can find a list of the top 1,000 most common Indonesian words. And, better yet, it linked us to a Google Spreadsheet of the top 2,000 most commonly used words! What a treat. And lucky for us, we can use Regex (Regular Expressions) in Google Spreadsheets to find what we need.

Okay. So, now what? Let’s look at the text first.

Efe kqkbkx czwkf akfs kdkf qzfskf wzdcjtfk Ieqku kqk akfs ikxj kck akfs wkak ukikukf :Q
Lzfqztk ukdj kqk qe wefe: bkvim{wzbkdki_ckse_kckukx_ukdj_wjuk_kfkbewew_mtzujzfwe}

Notice the brackets at the end? That’s our flag. And, we know the prefix to our flags which is “lactf”. And so, we can infer the following: b -> l, k -> a, l -> t, m -> f, v -> c.

• Moving on, we can see the first word in the message is “Efe”, we need to find a word that starts and ends with the same letter, and has a different letter in between. At the 4th spot in the list, we have ini. Which means “This”, we can safely assume that this is the case and continue with our table: e-> i, f -> n.
• Moving on, we can see the second word, “kqkbkx”, and using our current table, we can get the decipher word of “a[q]ala[x]” (letters in the [] brackets are not deciphered yet). At the 9th spot in the list, we can easily spot the word of similar structure, “adalah” which means “is”. We can now update our table, with the newly deciphered x -> h, q -> d.
• Moving on, we have “czwkf”, using our current table, we can get “[c][z][w]an”. This is too broad for us to search, many words in Indonesian end with “an”, let’s skip this one for now.
• Moving on, we have “akfs” -> “[a]an[s]”, 4 letters with “an” in the middle. We can use regex to search for it. On the Google Spreadsheet, press Ctrl + F (Find), and select “Search with Regular Expression”. We can then try to get a Regex string for this query. We can get “^.{1}an.{1}$”. Learn more about how Regex works and what this means here. The first result is, surprisingly, the most commonly used word in Indonesian, “yang”. And so, we can get: a -> y, s - > g.
• Continuing the trend, the next word, “kdkf” - decipher -> “a[d]an” - regex “^ a.{1}an$” -> too many results, skip. Next word, “qzfskf” -decipher -> “d[z]gan” -regex “^d.{1}ngan$” -> “dengan” -> z -> e. Repeat until we have the full alphabet as follows.

The empty ones are not used in the ciphertext, and so omitted from the table.

Results

Using the table, write a script if you want, but we can get the final flag of: lactf{selamat_pagi_apakah_kamu_suka_analisis_frekuensi}, which means “good morning do you like frequency analysis” in English. The answer to this question is no when I did the challenge, but when I finally got the flag, yes, yes I do. I love frequency analysis, deeply.

OSINT: Closed

OSINT my beloved.

Original Challenge

*Over spring break, my friend sent me this picture of a place they went to, and said it was their favourite plate to visit but it closed :(.

Where is this rock?

Answer using the coordinates of the bottom left corner of the rock, rounded to the nearest thousandth. If the coordinates were the physical location of the bruin bear statue, the flag would be lactf{34.071,-118.445}. Note that there is no space in the flag.

Provided Files

Rock.png (not the actual file name)

Chasing the Goose

Mr. Johnson? Is that you?

First, we need to analyse this picture, to get some information on where the rock could possibly be.
shorebird* (sorry)

Very good, we have spotted a lot of basic information from the picture, and we can move on with our investigation. Additionally, from the challenge description, we can also infer the area was closed of some sort.

Also, from the original map, we can tell the orientation of it was North is Up, and since the rock’s bump was facing downwards, we can safely assume that the land is up north, and the sea is below. So, we can start to filter through this one by one.

In addition, the map can also tell us that there are no signs of a city or civilisation on the premises.

To summarise, the place we are looking meets the following criteria:

• Must be near a coast, as there is seawater;
• In Southern California;
• There are shorebirds nesting in the area;
• Next to a trail that’s named “…(h/n)ore Trail”;
• Closed after spring;
• Very far from any city or civilizations in general;
• Land is up, sea is below.

Find-A-Rock

Upon preliminary examination, there are a lot of state parks in the state of California, and even just Southern California alone. We will need to dig deeper.

Looking at the California Department of Parks and Recreation website, we can find a tool named “Find-A-Park” which allows us to use filters.

Since we know there’s a trail next door named “…(h/n)ore Trail”, we can safely say that there’s a hiking trail next to the park we are looking for. Lucky for us, this tool also comes with a map feature, so we can narrow it down even further.

Okay, now let’s go through this thing. Though, the issue of where the division line really is is up to debate. But, I really do not care, so I am going to use the Fresno line as the division line.

So, we can start to filter through this one by one. We can look from up to down first, as there are more state parks in the area.

So, we have the Ishxenta State Park, Point Lobos State Natural Reserve, and Garrapata State Park. Let’s open these locations on Google Maps in Satellite mode.

This is the Ishxenta State Park (or formerly known as the Point Lobos Ranch Park Property as shown on Google Maps and the official website). And from preliminary examination, we can tell this location is landlocked and not near any oceans. We can move on from this one on to Point Lobos SNR.

Oh! We found the “…(h/n)ore Trail” trail we were talking about. Turns out, it’s the Southern Shore Trail. This means we are on the right track.
Move our mouse a little bit… And…

We found it! Let’s confirm with our original image!

We can now safely say that this is what we were looking for, in the Point Lobos State Natural Reserve.

Results

We can get the final coordinates of the location as “36.51555901354592, -121.94929707007033” by right clicking on the bottom left corner of the rock. The challenge wanted the coordinates accurate to the nearest thousandth, so the final flag is lactf{36.516,-121.949}.

Very good challenge, and I enjoyed it thoroughly.

These solutions are not the best, this is the first time I’ve participated in a CTF challenge, so I’m trying my best :sob: This Write-Up consists of all the challenges I’ve solved. I think I’ve used OSINT a bit too much in solving the Networks challenge. But, hey, I had fun, will come again 10/10.

OSINT: Away On Vacation

Public accounts are sitting ducks.

Provided Clues

The challenge provided you with an E-mail to Iris Stein’s Assistant, Michelangelo Corning at michelangelocorning0490@gmail.com.

Chasing the Goose

The E-mail

By sending the E-mail address anything, you will receive an automated, away on vacation message.

Dear,

Thank you for the email, I’m currently away on vacation to celebrate New Years!

If you would like a quicker response, feel free to reach out to my social media. I mostly talk about birds on it.

Have a great start to the year, and take care!

This Email would reveal what Michelangelo talks about on his public social media account, birds.

Search Engine

Simply, search up “Michelangelo Corning” on a search engine, if you are lucky, you will be able to find his Instagram account.

Results

On his Instagram account, just go through a few posts, and you will find the flag: irisctf{pub1ic_4cc0unt5_4r3_51tt1ng_duck5}.

OSINT: Personal Breach

Social media is an infection.

Provided Clues

The challenge provided you with a web page. Opening the webpage reveals 3 security questions. We will need to find Iris’ Age, Birthing Hospital and Workplace. The challenge also specified “The weakest link in security could be the people around you.” meaning we should start looking for people around Iris and they could reveal the answers.

Chasing the Goose

Iris’ Instagram

We’ve found Michelangelo’s Instagram, now we just need to find Iris’. Easy enough, going to the Tagged section of his public Instagram account, you’ll spot a post from Iris. Simply open the post, and you’ve hit Iris’ Instagram account.

Iris’ Workplace

In order to find the workplace of a person, you will need to find a platform where people post about their jobs. The closest platform might’ve been… Linkedin. Now, we just need to find Iris Stein’s public Linkedin profile.

Iris’ Mother

Going through some of Iris Stein’s personal posts, you will find this post:

In this post, she revealed the name of her mother, Elania Stein. This is crucial to this challenge and the few coming up.

What we are looking for

Searching

Using the search engine, it is very difficult to find Elania Stein’s social media accounts. However, based on her advanced age, it might be easy to assume that she’s on some old, boring platform like… Facebook. Using a quick search on Facebook, we can reveal her Facebook account.
Iris Stein’s Linkedin account is easy to find, however, we simply need to search on Linkedin, and we can find it.

Iris’ Security Questions

On her Linkedin account, we can easily find that she worked at the Mountain Peak Hiring Agency. In San Francisco, CA.
On Elania’s Facebook account, if we scroll all the way to the bottom, we can find a post about Iris’ birthday, with an image of a hospital room.
The birthday revealed would be 27th April, 1996. Put that in a calculator and we can find out that Iris is 27.
To find her birthing hospital would be a bit tricky, however, she revealed that, “…To think they got ranked to be the best maternity hospital in Manhattan is astounding…” Using a common ranking tool like Yelp, we can find her birthing hospital to be the Lenox Hill Hospital. (This is also doable with a Google Image search but this is how I did it)

Results

Putting all the answers to her security questions reveals the flag: irisctf{s0c1al_m3d1a_1s_an_1nf3cti0n}.

OSINT: A Harsh Reality of Passwords

🅱️Crypted! (sorry)

Provided Clues

This challenge uses ALL of the clues, results and accounts we’ve found so far. However, the challenge also provided a BCrypt hash of $2b$04$DkQOnBXHNLw2cnsmSEdM0uyN3NHLUb9I5IIUF3akpLwoy7dlhgyEC. And later, Lychi, being the good person that she is, revealed 3 extra clues. We can summarise everything we have so far.

Chasing the Goose

Through a hole in society

To find her plaintext password, our best chance at it would be brute forcing it, since we have the hash. We’ll need to create a wordlist, including content that Iris Stein finds important.

The Letters

Through Elania and Iris’ posts, we can find some words that are interesting.

• Locations: Portofino (x2), Italy, Amsterdam, Netherlands, Swarovski, Milan, Starbucks, Al Conte Ugolino, Berlin.
• Food: Mimosa, Mimosas, Tiramisu.
• Possible Important / Generic Things: Mother, Mom, Love, Family, Travel, Traveling, Travelling, Iris, Stein, Elania, Forever, Fun, Life.

The Numbers

Based on their advanced age, it would be safe to assume that they had put their birthdays in their passwords. But how, and whose? We’ll have to try all of them. This would also include situations where they failed to put a 0 where it should have one.

Iris Stein’s Birthdays

• “4271996”, (M/D/4Y)
• “04271996” (MM/DD/4Y)
• “2741996”, (DD/M/4Y)
• “27041996” (DD/MM/4Y)
• “1996427”, (4Y/M/DD)
• “19960427” (4Y/MM/DD)

Elania Stein’s Birthdays

• “196548”, (4Y/M/D)
• “19650408” (4Y/MM/DD)
• “1965048”, (4Y/MM/D)
• “1965408” (4Y/M/DD)
• “481965”, (M/D/4Y)
• “04081965”, (MM/DD/4Y)
• “0481965”, (MM/D/4Y)
• “4081965”, (M/DD/4Y)
• “841965”, (D/M/4Y)
• “08041965”, (DD/MM/4Y)
• “0841965”, (DD/M/4Y)
• “8041965” (D/MM/4Y)

Making the Nuke

Shockingly, it would be very difficult to get this done one by one, as there are millions of combinations.
Using python (haters can hate), we can create an inefficient but effective solution, like so:
Note: you will need the bcrypt package for this.

import bcrypt

passhash = "$2b$04$DkQOnBXHNLw2cnsmSEdM0uyN3NHLUb9I5IIUF3akpLwoy7dlhgyEC"

a = [
    "Tiramisu",
    "Elania",
    "Iris",
    "Stein",
    "Forever",
    "Travels",
    "Travel",
    "Fun",
    "Life",
    "Mom",
    "Mother",
    "Travelling",
    "Traveling",
    "Family",
    "Love",
    "Swarovski",
    "Portofino",
    "Mimosas",
    "Mimosa",
    "Italy",
    "Netherlands",
    "Berlin",
]

formats = [
    "4271996",
    "04271996"
    "2741996",
    "27041996"
    "1996427",
    "19960427"
    "196548",
    "19650408"
    "1965048",
    "1965408"
    "481965",
    "04081965",
    "0481965",
    "4081965",
    "841965",
    "08041965",
    "0841965",
    "8041965"
]

cnt = 0
for i in a:
    for j in a:
        for k in a:
            for m in formats:
                if i == j or i == k or j == k:
                    continue
                cnt += 1
                s = ""
                s += i
                s += j
                s += k
                s += m
                if bcrypt.checkpw(s.encode("utf-8"), passhash.encode("utf-8")):
                    print(str(cnt) + " | MATCH! | " + s)
                    exit(0)
                else:
                    print(str(cnt) + " | NO MATCH | " + s)

Running this code, you will eventually receive the final password at attempt 92,048.

Results

The code revealed her password to be “PortofinoItalyTiramisu0481965”. Wrapping that around the fancy irisctf tag, we will have the final flag, irisctf{PortofinoItalyTiramisu0481965}.

OSINT: Czech Where?

Geo-geo-geo-guesssss!?!?

Provided Clues

The challenge provided you with a picture. This challenge requires no prior clues.
Note: the challenge only asked for the street name.

Chasing the Goose

Pixel Analysis

On the image, you can spot a few things, highlighted in the picture on the next page:
Putting these clues on Google, simply search “Czech wooden products”, and we can find, in Images, we can see a maps.me website, showing a store with the (almost) exact same font, and writings, we can safely assume this is the same store. Telling us that the store is in Prague.
We can then use Google maps, and search “Prague, czech wooden products” Revealing the street, Zlatá ulička u Daliborky.

Results

With the street name, the challenge asked us to keep it only in lowercase alphabetical letters only, and replace spaces with an underscore. Giving us the final flag: irisctf{zlata_ulicka_u_daliborky}.

🏆 NET: Where’s Skat?

3.7 crocodiles away from the flag

Provided Clues

The challenge provided us with a .pcap file of Skat’s network history. The challenge also said that Skat was “wardriving”. This means we will need to look at the Network SSIDs near him to find out where he is.

Chasing the Goose

Baby-Sharking

Opening the .pcap file with Wireshark, and filtering out the local IPs by using:

!(ip.src in {10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16} && ip.dst in {10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16})

We can get a slightly better view of where Skat is.
Looking through the SSIDs, you will notice that they change quite dramatically as time goes on, this suggests that Skat was on a moving vehicle, but what kind? And where to? Let’s summarise some of the SSIDs we can see at the end of the log (because we are looking for the destination, after all).

• Amtrak_WiFi
• Metrolink
• LAUS Events

Amtrak suggests that Skat was on a train, and trains can only stop at train stations, this means our destination would be near a train station in America.

It also has to have a Metrolink station. Using the power of search engines, we can find out that Metrolink is a Southern California transportation agency. This means, Skat’s in LA.

If you live in Los Angeles, you’ll probably see all of these, including the “LAUS” SSID, and go, “Oh my god! It’s Union Station!”, and if you did, congrats, move on.

Unfortunately, I don’t, and I do not use crocodiles as a measuring unit. This means we will have to use the search engine again. If you scroll up a bit in the logs, you’ll find a SSID that reads “Cilantro Union”, putting this in Google Maps, reveals the destination to be the Union Station.

Results

Putting Union Station in the irisctf wrappers, and we can get the final flag of irisctf{Los_Angeles_Union_Station}.

RE: Rune? What’s that?

Golang? What’s that?

Provided Clues

The **challenge** provided you with a Golang script, **main.go** and a file with a **runed** string named “the”.

Chasing the Goose

Reversing the reverse

To reverse engineer this code, we will need to see what it does first. The script, effectively, **picks the letters from "irisctf{this\_is\_not\_the\_real\_flag}", one by one**, then, transferring them into **a number** (ASCII table), and adding the **previous character’s number** together, to get a new character. Putting that in a new string, and outputting it.  
To get the flag, we’ll need to flip it over, by changing the code on **Line 16** from **v+z** to **v-z**, same goes with **Line 17**, when we need to make z the value of v-z instead, as that is now the previous character.

Reversed Code

package main
import (
	"fmt"
	"os"
	"strings"
)

var flag \= "iÛÛÜÖ×ÚáäÈÑ¥gebªØšÔž’Íãâ£i¥§²ËÅÒÍÈä"

func init() {
	runed := \[\]string{}
	z := rune(0)

	for \_, v := range flag {
		runed \= append(runed, string(v-z))
		z \= v \- z
	}

	flag \= strings.Join(runed, "")
}

func main() {
	file, err := os.OpenFile("the", os.O\_RDWR|os.O\_CREATE, 0644)
	if err \!= nil {
		fmt.Println(err)
		return
	}

	defer file.Close()
	if \_, err := file.Write(\[\]byte(flag)); err \!= nil {
		fmt.Println(err)
		return
	}
}

Results

Running that script, we will get the final flag in “the” file (pun not intentional), being: irisctf{i\_r3411y\_1ik3\_num63r5}.

Conclusion

The first few flags captured, this was a very fun and sometimes frustrating adventure. I’ve had my regrets, should’ve spent some more time on Web Exploitation > Skat’s password, maybe I could’ve solved it. See you next year.