 Hey, YouTube, this is a video right up for the challenge Polyglot from CodeFest CTF 2018. Challenge from here essentially gives us some C source code and apparently a compiler or GCC weird thing, but we actually didn't end up even using or needing at all to solve the challenge. Props to, I think it was Sauronint on the Discord server in our Discord team and the team that we played with to tackle this. He just like stumbled upon it and totally solved it and super duper cool. So props to you showcasing it because of you. We actually have, I went ahead and downloaded the source code here, so let's take a look at it. And what we particularly notice in the source code is that it has a lot of peculiar white space in it, like random spaces and tab characters. So this is a pretty good indicator of something like white space, where maybe trying to hide a message or information out of spaces and tabs, which could actually be interpreted as binary ones and zeros. So that's what we tried to go with. And let's actually create a script to go ahead and work with that. I'll call this just a get flag dot pie. Pretty confident that we'll get the flag with this. Don't need to call it A or whatever. Let's go ahead and actually open up the secret file, secret dot C, and try and handle it and work with it. I should go ahead and do this with like a contact manager because people are hating on me for that, but whatever. Let's just actually get the new lines off of it in our read lines because we want to read through this line by line for X and this thing and then H dot close. Okay, so for line in C, we can print that line. And then we have the source code written here with the spaces and tabs and all that included. Let's go ahead and try and scrape out just those characters. Let's go ahead and import regular expressions. I did this XE all the way to the very end without the new line character because read lines will create a list or an array for us, but will include the new line characters at the very end. I don't particularly want them. So let's run now all read off find all with our line, but let's get any rostering for one thing. Let's get any multiple of white space characters. So see what we've got here. Find all, sorry, run this. And now you can see, okay, sometimes we are getting a actual occurrence where we match multiple space characters or a tab character, et cetera. So we can say num or whatever, whatever temporary variable that we want. So if we actually got a result, so if it's not an empty array, we can say this, it can go ahead and equal a joined position of num. So we'll print these all out. And let's go ahead and replace them so we can change all the space characters to something like a one or a tab character with a zero. Let's go ahead and print all these out. So now we have potential binary characters and values here. Let's switch these around. We're going to end up having a 50-50% chance. But okay, some of these may be in the range of zero to 255 or actually in the ASCII range. So we consider these to be binary with int2. Now we get the numbers that were visible. Some of them may be in the range zero to 255. So they may be ASCII characters, like I said. Let's go ahead and add these in the character form. Now let's just say num can equal that value. And if num is actually in the range from 255, let's add it to a flag variable that we'll have right up here. Flag can equal an empty array. And then if it is in that range, we will add a flag append, chr, so the character of that num. And then at the very end, we can print out our flag all put together just like that. So we can see we have something interesting in here like the flag. However, it is reversed. So let's go ahead and reverse our string here. And now let's go ahead and scrape the flag out with just regular expressions. Find all. We'll use a new string with the flag format code fest CTF anything inside the curly braces. And we'll get our results. And we have our flag just like that code faced CTF spaces and tabs are get flag script all combined for us. So a handy dandy thing to just carve through getting those white space characters out. And that's that. That is the polyglot challenge. Let's go ahead and mark this as complete. If we wanted to run that get flag script, save a static copy of it. You can submit that for points handy dandy. All right, special shout out to those people that support me on Patreon. Thank you guys so much. You guys are fantastic. $1 a month or more on Patreon will give you a special shout out just like this. $5 or more on Patreon will give you early access to all the videos I create before I release them on YouTube. If you did like this video, please do like comment and subscribe. Join our discord server link in the description. It's a cool community of CTF players, programmers and hackers. We will be playing ICTF knock CTF and all the upcoming capital flag games as they come forth. It's a cool, cool thing just to have like 700 people on the team and the server and it's a whoever can play. It's open to everyone. We're all about getting people to learn and get better. So please do join. Thanks for watching guys. Again, it'd be awesome. I'd love to see you on Patreon. I'd love to see you in the next video. You're the best.