I have been doing reverse engineering (RE) since my childhood days and that always helps freshen up my technical skills as well as understand the intrinsic working details of a particular piece of code and/or software. I have used tools such as IDA, x64dbg/Ollydbg, hiew, and more recently Ghidra. In the past I had also used SoftICE and quite a few other things. Those were the golden days when one can play around and I had all the time to learn stuff.
But these days, it is hard to find time to indulge into the RE scene. In the weekend, I was getting bored and didn’t have anything to do. So just took a shot at Google CTF (https://capturetheflag.withgoogle.com/). It is a good resource to have fun and learn stuff. Click on the BeginnersQuest ((https://capturetheflag.withgoogle.com/beginners-quest)) and you would be presented with a (complex) map. There is a 1 on Side B top right corner. Click on it and you should be taken to the first challenge (https://cctv-web.2021.ctfcompetition.com/). The first challenge is to crack the password for getting access to those CCTV cameras!
The idea is to hack the password. If done properly, you should see 4 CCTV cameras and a CTF{
The function is pretty easy to understand. There are a bunch of unicode characters compared for the password. It is a byte by byte comparison. And I have given the solution now. It is very easy to implement in Javascript and get the password.
If you are still confused, have a look at the solution here: https://onecompiler.com/javascript/3z3vj2v9n
BTW: Could have been solved with python, C and a host of other languages. I just chose JS as it was hosted and pretty easy to script in there.
Hope you all got started on Google CTF. I will hopefully find time for the next challenge and will put a write-up soon.
