Adds CTFs to content

Add CTFs from 2024 to the content, htb apocalypse, spookyCTF,
buckeye ctf and some edits to the 404 ctf

content/writeups/2024/spookyCTF/reverse/my_assm_hurts/index.md

@@ -0,0 +1,31 @@
++++
+date = '2024-10-28T09:17:00+02:00'
+draft = false 
+title = 'My assm hurts'
+tags = [ 'reverse' ]
++++
+
+## Intro 
+
+Name: my-assm-hurts  
+Description: As Mary was attempting to time travel, she slipped on a patch of ice and landed on her butt. While getting up from the ice, she found a cool-looking USB flash drive containing a file with some system code. Can you help Mary decrypt what information the file has?   
+Author: [TomB](https://github.com/Tomaszbrauntsch/)  
+
+This will be reverse.
+
+We get a file that looks like assembly or some intermediate compilation step, who would want to read that.
+
+## Solve
+
+I asked chatgpt to solve the challenge for me, thank god it did, I really didn't want to read that.  
+There was a link to the original transcript but it's down now.
+
+## Retranscription
+
+In the following I removed some parts where I was trying to see if it was possible to compile the file.  
+
+- me : By analyzing the file tell me exactly what the program does  
+- chatgpt : blablabla, By analyzing the character codes (strings like string8, string10, etc.), the program builds the text "NICE_{Hey_this_is_COOL}", blablabla   
+- me (in my head) : *Humm this looks like a flag however it is not the right format lets ask again*   
+- me : Are you sure this is the right string, analyze again to make sure (use a different method)
+- chatgpt : blablabla, the flag is `NICC{hEy_th1s-is_Co0L}`

content/writeups/2024/spookyCTF/reverse/the_gates_are_closed/index.md

@@ -0,0 +1,32 @@
++++
+date = '2024-10-28T09:17:00+02:00'
+draft = false 
+title = 'The gates are closed'
+tags = [ 'reverse' ]
++++
+
+## Intro
+
+Name: The gates are closed
+Description: A USB drive was found in front of the locked gates of an abandoned cemetery. It may contain information regarding the strange sightings reported to nearby authorities in the graveyard, which NICC decided to investigate.
+Author: [LoadinConfustion](https://github.com/loadinconfusion)
+
+This will be a reverse engineering challenge as we are not provided a remote.
+
+## Solve
+
+I first execute the file and get : `Nothing is going on here... :D`
+I then run `strings` on the file and get
+```
+_ITM_registerTMCloneTable
+PTE1
+u+UH
+TklDQ3s0X1IzNGxfRmw0Z30=
+Nothing is going on here... :D
+;*3$"
+GCC: (Debian 13.2.0-13) 13.2.0
+Scrt1.o
+```
+
+We find a base64 encoded string, we decode it (`echo TklDQ3s0X1IzNGxfRmw0Z30= | base64 -d`) and get the flag.
+`NICC{4_R34l_Fl4g}`

content/writeups/2024/spookyCTF/reverse/what_flag/index.md

@@ -0,0 +1,29 @@
++++
+date = '2024-10-28T09:17:00+02:00'
+draft = false 
+title = 'What flag'
+tags = [ 'reverse' ]
++++
+
+## Intro
+
+Name: what-flag  
+Description: NICC recieved a mysterious email with an executable file that does nothing. Can you figure out what this executable does?  
+Author: [TomB](https://github.com/Tomaszbrauntsch/)
+
+This is reverse engineering.
+The binary is not stripped, lets go with binary ninja.
+
+## Solve
+
+Main does nothing however we see a few functions named : u, h, h2, f, l, a, g
+Looking inside of them we see what seems to be part of the flag.
+Let's put these together
+- u : `NI`
+- h : `CC`
+- h2 : `{`
+- f : `uhH`
+- l : `_fl@g`
+- a : `_i`
+- g : `_ThInk}`
+We get : `NICC{uhH_fl@g_i_ThInk}`