AUCTF - ALIedAS About Some Thing

AUCTF - ALIedAS About Some Thing

Lyell Read

Tags

AUCTF logo

903 points

Prompt

See what you can find.

AUCTFShh

Author: c

Solution

AUCTFShh looks like a username. To find where that username is in use, we can either check manually (as I started out doing), or use some tools from the OSINT Framework Site. Specifically, I used OSINT Framework > Username > Username Search Engines > Namechk.

Screenshot of Namechk service for username ‘AUCTFShh’

I opened each of the greyed out sites in a tab, and looked through each for anything suspicious. The usual suspects (Twitter, Instagram, Reddit) were all blank (even on the Wayback Machine), so on further…

The Steam account by the name of AUCTFShh link archive shows that this user has aliased their user name to youllneverfindmese. Back to Namechk:

Screenshot of Namechk service for username ‘youllneverfindmese’

The first thing I noticed is the PasteBin account listed. Visiting it reveals that this user has one page link archive. It contains:

https://devs-r-us.xyz/jashbsdfh1j2345566bqiuwhwebjhbsd/flag.txt

The devs-r-us.xyz domain is part of another AUCTF challenge, so we know this is the right place to look.

wget https://devs-r-us.xyz/jashbsdfh1j2345566bqiuwhwebjhbsd/flag.txt
cat flag.txt
auctf{4li4s3s_w0nT_5t0p_m3_6722df34df}

~Lyell Read