PUBLISHED ON 31/03/2020 — EDITED ON 11/12/2023 — INFOSEC

Pastebin style!

Warming UP

1 Flag format is always esecurity{xxxxx}.

Can you find the first flag? ZXNlY3VyaXR5e3dhcm1pbmdfdXB9


The F word

2 We’ve found this strange code and we’re unsure what it is. Can you help us and decode it and recover the flag?


This txt file wont open? Hm.

2 Can you open this file?

On unixids (MacOS), nobody cares about extensions, magic bytes rule…

Can you see us?

Can you see us? 3 Can you?


curl -I

Some beeping sounds

4 We’ve discovered this strange audio file on one of our servers. It should contain the flag but we weren’t able to recover it. While trying to recover the flag 2 of our team members ended up like Jack Nicholson in The Shining. Third one ended up like Jack Nicholson in One Flew Over the Cuckoo’s Nest.

Hint: don’t forget about correct flag format: esecurity{XXXXXXX}

–..– –..– – — .-. … . .. … ..-. ..- .- .. … - …. . ..-. .-.. .- –. -… ..- - -.. — -. - ..-. — .-. –. . - - …. . -.-. ..- .-. .-.. - .-.. -… .-. .- -.-. -.- . - …

Read the flag to get the answer.



Someone told us that there is something hidden in our logo. Could you please check and let us know?

$ exiftool
User Comment                    : 5c87N7XYVY7kmTLaVN5NU5smnqrL3adgwtSBPd5N

Thanks to EK for cracking this one :D

base58 bitcoin

How About Some Crypto?

5 We encrypted this flag very securely. There is no way you’ll be able to decode it.




This challenge is not meant for you. See, you won’t be able to get the flag:

curl -A "'Mozilla/5.0 (compatible; Googlebot/2.1; +')"

I was cool but now I just zip to forget :(

5 We’ve created this challenge but unfortunately we can’t remember the password. Guess there is no way to recover it now. Maybe we can trow rocks on it and hope it breaks open?

$ zip2john > key.txt
kali@kali:~/Documents/esecurity$ john --format=zip --wordlist=/usr/share/wordlists/rockyou.txt key.txt
Using default input encoding: UTF-8
Loaded 1 password hash (ZIP, WinZip [PBKDF2-SHA1 256/256 AVX2 8x])
Press 'q' or Ctrl-C to abort, almost any other key for status
Badminton1234    (
1g 0:00:10:13 DONE (2020-03-31 14:48) 0.001629g/s 18526p/s 18526c/s 18526C/s Bado89..Badgirl01
Use the "--show" option to display all of the cracked passwords reliably
Session completed
kali@kali:~/Documents/esecurity$ 7z e

7-Zip [64] 16.02 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-21
p7zip Version 16.02 (locale=en_US.UTF-8,Utf16=on,HugeFiles=on,64 bits,1 CPU Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz (306F2),ASM,AES-NI)

Scanning the drive for archives:
1 file, 231 bytes (1 KiB)

Extracting archive:
Path =
Type = zip
Physical Size = 231

Enter password (will not be echoed):
Everything is Ok

Size:       39
Compressed: 231
kali@kali:~/Documents/esecurity$ cat flag.txt

Home Sweet Home

6 Our security engineers hardened this flag so it’s only accessible within our own network. There is no way you’ll be able to recover it:

curl --header "X-Forwarded-For:" "

Leak me

6 I just came here to show you my crazy php coding skillz:

this is my php script. actually it's not a php script, it's just text
file with a fancy extension.
Don't be harsh, I'm still learning this.
After almost 60 days stuck in it,
I've finally managed to learn how to exit vim but
during exiting I've probably made some changes
to vim configuration and some hackers told me that
now my source code is leaking.
Please don't hack me.

Vim is storing backup files with ~.

It Came From God

6 You’ll retrieve this flag only by praying


101 115 101 99 117 114 105 116 121 123 99 111 100 101 95 111 102 95 103 111 100 125 esecurity{xxx}

Easier way:

Thanks to EK for cracking this one with me.

OSINT and Crypto


First you’ll need to find out who I am. That will help you to decode this message.

I’m the one who invented both of these stuff:



json and encoding

##My Secure Blog 10 No more Wordpress for me, I’m not a noob anymore. I’ve created this static html website, super secure, unhackable. Wordpress is now removed and I have backups and version control. No way you’re be able to hack me.

Check it out:


<!--Don't forget to remove version-control system from web root before deployment -->
kali@kali:~/opt/dvcs-ripper$ dirb

DIRB v2.22
By The Dark Raver

START_TIME: Wed Apr  1 12:25:28 2020
WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt



---- Scanning URL: ----
+ (CODE:200|SIZE:23)
+ (CODE:200|SIZE:1614)

END_TIME: Wed Apr  1 12:28:29 2020

ref: refs/heads/master

kali@kali:~/opt/GitTools/Dumper$ ./ aa
# GitDumper is part of
# Developed and maintained by @gehaxelt from @internetwache
# Use at your own risk. Usage might be illegal in certain circumstances.
# Only for educational purposes!

[*] Destination folder does not exist
[+] Creating aa/.git/
[+] Downloaded: HEAD
[-] Downloaded: objects/info/packs
[+] Downloaded: description
[+] Downloaded: config
[+] Downloaded: COMMIT_EDITMSG
[+] Downloaded: index
[-] Downloaded: packed-refs
[+] Downloaded: refs/heads/master
[-] Downloaded: refs/remotes/origin/HEAD
[-] Downloaded: refs/stash
[+] Downloaded: logs/HEAD
[+] Downloaded: logs/refs/heads/master
[-] Downloaded: logs/refs/remotes/origin/HEAD
[-] Downloaded: info/refs
[+] Downloaded: info/exclude
[+] Downloaded: objects/39/42bcae4b0bee131298b40f4a7c5afcb490fab2
[-] Downloaded: objects/00/00000000000000000000000000000000000000
kali@kali:~/opt/GitTools/Extractor/aa$ ./ ../Dumper/aa/ aa
kali@kali:~/opt/GitTools/Extractor/aa/0-3942bcae4b0bee131298b40f4a7c5afcb490fab2$ grep -H esecurity *
grep: css: Is a directory
grep: images: Is a directory
grep: includes: Is a directory
grep: js: Is a directory
grep: maint: Is a directory
grep: network: Is a directory
grep: user: Is a directory
users.php:secret esecurity stuff: ZXNlY3VyaXR5e2dpdF9kdW1wZXJfb3duc195b3V9
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
kali@kali:~/Documents/esecurity/aa$ echo 'ZXNlY3VyaXR5e2dpdF9kdW1wZXJfb3duc195b3V9' | base64 -d


import codecs

See Also