 What's going on everybody my name is John Hammond and welcome back to some more MITRE STEM CTF I'm gonna cover at least a few of the challenges that are stupid and dumb and can be done very very quickly and don't have a lot of challenge to them so let's get grab bag 100 out of the way the next grab bag 100 challenges called nominations surprise Pikachu is old let's get the surprise cat going okay so for those of you that play CTF and just kind of know really your toolkit and stuff to do and things that you try and then just the archive of things that you normally have to do in the checklist of a CTF right so this is called nomination you know the tools that you particularly would end up using or wanting to run let's W get this file and unzip that's okay cool so we have this scaredy cat PNG file which if we check it out it's this guy you know this thumbnail that's on this picture as on a thumbnail of one of my b-sides Connecticut videos and that has so many views solely because of that picture go check it out if you want okay so right I was saying the toolkit that you run for like normal low-hanging fruit file reconnaissance the garbage that you do for it you just handed a file without any explanation one of those utilities is steg solve and it's Java right I have downloaded this showcased it talked about it in so many videos but if you we opened up and check out scaredy cat you can just use the arrow keys and shift through take a look through all of the different planes or ways to view this file this image and what do you know there's the flag that's that kind of dumb kind of stupid but necessary for some CTF challenges did not require a lot of skill just knowing that toolkit just knowing that tool and just throwing it at it I actually actually I'll talk about this in the next in the next one because grab bag 100 Rick roll do not listen if you have this let's take a look at that let's make directory 100 Rick roll do not listen do not listen CD 100 Rick roll not listen W get I can't have a claim to fame on this one I think it was soul that took this in the discord so props to you dude I love playing this games with you guys it's a blast our r.wav if you play it I don't know if you can hear it that is Rick roll playing in the background you can do spectrogram you can do Morse code I think some people had found on that throat in DTF toes I don't know where everyone was going with this I thought for the longest time when I use sonic visualizer that it actually had something visible in the spectrogram I was wrong and I'm an idiot but CTF Katana CTF Katana is my thing that right now is just a text file of documents and ideas and a documentation and I material and ideas for things you can try and remember to do and look at for a CTF just do not hesitate to throw random things and try stupid try everything no matter how stupid it might be or how small or completely arbitrary and not unrelated it might be so stag hide is what we needed here stag hide right a thing though and I want to mention is myself and my roommate are trying to actually automate CTF Katana as I would have liked it to be to begin with is as a utility to try all of those things and work with it like given a file given a web address given a string run through things that it might be correlated to and try stag hide or stag soft you know we're working on that and that is a thing but stag hide is installed in my case you might have to see to have to solve it if you don't have it for stag hide you run extract with tack SF for a stego file and you can supply this and oftentimes it'll ask you for a passphrase but you need to remember to do what you need to remember to try is what if there's not a passphrase right stupid dumb I'm sad I'm sad cat that flag there it is that's the challenge maybe it's a rabbit hole maybe you were just digging around that wave archive doing like audio least significant bits iconography I don't know stag hide is all you needed and that does it so remember to try everything and hopefully hopefully hopefully I'll come forth with another tool or something that would help help in that initiative so in that regard another one that I wanted to solve was binary RE just a 50.1 I didn't tackle the others because I do not consider myself very good at binary exploitation and reverse engineering or any of that voodoo stuff that hangs out at DEF CON I don't know I need to get better at that someone needs to teach me no one needs to teach me I just need to like do it myself so if we had a folder for that let's make directory 50 and this challenge is called in plain sight and I'm sure you can obviously already figure out what that means if you download this thing and work with it unzip that we've got a binary here let's check out what it is yep just a binary let's run strings on that and what do you know our flag is in the strings hence the name so not a lot of challenge without not a lot of difficulty but something that must be done and again hopefully CTF Katana once we bring it to life as Katana the utility would just run through that and be able to dig out flags if it finds it etc etc so hey thanks so much for watching guys hope you enjoy this some simple stuff but I wanted to just burn through these in one video because I thought it would be stupid if I created small videos for oh run strings you know and I've done that before so thanks for watching guys I like forgot my outro I like mentally oh goodness if you like this video please do like comment and subscribe I'd love to see you guys in discord server there's a link in the description it's a cool party place we do competitions and capture the flag events like this all the time we love it we talk about it and that's just a cool place to jam we'll be in the voice chat for a lot of these games tamu CTF I'm gonna tackle that next I think yeah yeah I hope to see you there I'd love to see your support on patreon and paypal thank you so much I'm so grateful for each and every one of you try and get the like the fade out in the outro thank you you are you are what helped me going would help this this channel going thank you see you later guys hope to see the next video