[CTF] TFC CTF 2022 - Writeup

Reverse - COLORS

This challenge was pretty amazing. It involves iOS app reversing and I am completely new to it. I haven’t done proper reversing on the app, you know dicompiling code and stuffs like that, but used a pretty nice tool which I recently got experienced with.

The tool I used is MobSF, I have made a post on it in my Linkedin Profile.

Anyway with MobSF solving this challenge was really easy.

flag 1 : contacts

flag 2 : http://localhost:8080

Forensics - BBBBBBBBBB

In this challenge we are given a image and the description is full of B. I tried to open the image but it was corrupted. Looking at the hexdump of the file we can see interesting data, there is lots of B in repetition.

I thought of removing those Bs from the image. I made a small python script to do the job.

with open("chall.jpg", "rb") as bad_img, open("flag.jpg", "wb") as flag_img:
    corrupted_data = bad_img.read()
    flag_img.write(corrupted_data.replace(b"BBBBBBBBBB", b""))

Boom , that worked.


In this challenge we are given a zip file , unzipping it gives many other zip files. Upon unzipping those giving CRC error.

At first i thought those CRC checksums might have some meaning, so collected all good and bad CRC of those zips and converted the hex into text in Cyberchef, But they didn’t had any useful data.

So next thing i tried is checking the strings. After collecting all interesting characters from the strings result I got a strange text eRr0r_1n_c0mpresS1oN. Again its a fail, because the hint have flag does not contain any variation of the word 'compress'.

Well both methods failed, although I was pretty sure there is something with CRC. So i tried my last resolve by googling Zip CRC CTF hehe. The first result was this tool named zip-crc-cracker. I didn’t waste a single moment, quickly cloned the tool and run it against all the zips and got the flag.

flag : TFCCTF{ch3cksum2_g0od}