1337 up CTF

1337 up CTF

One of the first competitions where I noticed I could solve some of these challenges.

Intigriti 1337 Up Live 2022 Event



Solved by : Starry-Lord

Transforming time into flags…

As an OSINT challenge I started by checking the username @0pt1muspr1me on common social media platforms, and eventually found 0pt1muspr1me's Github profile.

2 repos there with a couple commits

0pt1muspr1me repository

private repository

Obviously that zip file is password protected, so I started by trying fcrackzip:

fcrackzip -Duvp rockyou.txt flag.zip
fcrackzip -b -c “aA1” flag.zip

This didn’t work D:

There was more in the README.md

0pt1muspr1me's Github Profile


Starting to transform time into flags! Yay!! But that string was undecipherable.

I started trying that string as a part of a url on repl.it, pastebin, to no avail.

That led me to look into what is bpython and it turns out this is linked on the website


Trying that string gave me a paste of a file named password.py



# password.py 2022-03-26 09:56:27
import time
import string
import random
import pyminizip
clock = int(time.time())
length, letters = 32, string.ascii_letters
result_str = ''.join(random.choice(letters) for i in range(length))
archive_name = 'flag.zip'
pyminizip.compress("flag.txt", "flaggers", "flag.zip", result_str, 9)

So this is the code that created our flag.zip file, found on github.

In line 7, we see that the random function is seeded by the value of clock.

In practice, this means we can reproduce the exact same result_str var as the one from the creation time of the flag.zip,

that is IF we know the time frame it was created at.

It turns out we do! during the competition I went back to bpa.st and checked the longevity for a paste and found my answer: 1 day 1 week or 1 month (this one worked)

2022-03-26 09:56:27
- 30 days =
2022-02-24 09:56:27 # Unix Timestamp to replace clock var 1645696587

We can convert date and time to unix timestamps easily on cyberchef.

A range between 2022-02-24 07:56:27(1645689387) and 2022-02-24 09:56:27 (1645696587) should fall exactly in the time period when the flag.zip was created.

We can now supply the unix timestamp values we want to try as below:

# passwordpwn.py
import time
import string
import random
import pyminizip
#clock = int(time.time())
clock = range(1645689387, 1645696587)
for i in clock: 
    length, letters = 32, string.ascii_letters
    result_str = ''.join(random.choice(letters) for i in range(length))
    #archive_name = 'flag.zip'
    #pyminizip.compress("flag.txt", "flaggers", "flag.zip", result_str, 9)

By supplying a range and iterating through it, I managed to print a list of possible password and make a wordlist out of it, then crack the zip in a couple seconds 😎

python3 passwordpwn.py > passlist


Blink’s Secret

Solved by : Ava and Starry-Lord


content of note.txt:

a big fire accident in mr.Blinking man’s house, we managed to collect a note with a meme with his own image on it. The note says as follows:

missed a secret which was posted on his social media. I want to find that secret but I don't know where it is. I have some hints regarding where the secret is..

The user name is 15 letters long

user name comprises of my name and zip code of my current residence


the name is thomas mueller then write the name as ThomasMueller



So we have to find this face’s name!

Turns out this is Drew Scanlon from San-Francisco and finding his name wasn’t too much of a problem


At this point, 11 letter plus a full zip code was past 15 letters and wasn’t making sense to me. I still tried to find the account on twitter by placing all zip codes for the SF area until I eventually deleted all numbers and got lucky:



This hints towards deletion, so I checked web archives and found this:

DrewScanlon_941's twitter web archive

Wow!! What a wonderful day !!! І wish I could eхtend this day as much as possible...

This is unicode, and since this was really too suspicious I went digging for unicode steganography.

That’s when Ava found about an online tool for that purpose and we solved it.




uploaded 29.03.2022