13.10.2018


GVTs - wearegvts.com
HumanCTF 2018 - Reverse - Trash Challenge

HumanCTF was the 3rd CTF that we’ve joined and this is the 1st write-up for us all.
Nearly all web challenges were simple as viewing sources, visiting robots.txt files and etc.
But we are new to reverse challenges and our solutions of gettings flags may be weird as hell.

For “Trash” challenge, there is a .exe file named TrashCTF.exe
SHA1SUM: 68E594699DEADF014CD47EBC155CD60DF2A82E09

Its size 3.4 MB and it might be relatively big for a CTF challenge.

Once we opened this file in CodeReflec 1.0.8 it required nearly 5 minutes to open and we saw that there are thousands of “call voids”.


These calls simply must track to the end: obviously the flag.
We still do not know how many calls there are  in that TrashCTF.exe

So we started with the “Main(String)”s call:



It tracked another:



There might be a shortcut to figure this out but we tought that a simple mouse click makro would work fine.
We might try to find the Flag by searching but there were lots of flags also.
Here is some of the false flags:
HumanCTF{EYZGIKXPISEROEBNRMGMIDY}
HumanCTF{NLRPSVMLBGZGKPPWIFOUSUNXXZAAWVUCWV}
HumanCTF{HIHJHXIYJSZLGPTRKGOCR}
HumanCTF{LPCNPVYCOMZVENKQJGNM}
HumanCTF{AHVPAOPCHPXUDZHXPPXCATJFM}

And these were only the top of the list.

After nearly 10.000 clicks, we got the flag:




It was HumanCTF{ULADYBZVKJTRFXYYCPYMTUFYZ}

We also can verify that with the exe file: