2024-Qualified
Full Prompt:
UEsDBBQAAAAIAGJnVFeSnGW1DwUAAGMUAQAIAAAAaW5mby50eHTtmkGO5EYMBO8G9i/q/3/OwMCI cnOSFLU9BgxsxKmqSGZp4yJheq9Lvvj1113HH4MqQBWgClAFqAJUAaoAVYAqQBWgClAFqAJUAaoA VYAqQBWQVbzuOX0poE0p1dRXzlLeFWjzEilAFaAKUAWoAgYVqVCqqa+9tD1rx14d1zvlLLUsqqoA VYAqQBVwpyI9Q1tNtKGlUM5SfJuS8hYBBVWAKkAVoAr4TMVi+ygltTzvS4VULagCVAGqAFXAZyoW hXOWCjPXO+1ZmSirtlpQBagCVAGqgDsVi2q5Kp2lvMVZG5CuTGOPqqoAVYAqQBXwU7+O/e9WM1dA FaAKUAWoArKKR8y3zIX2rKwKqXB9iipAFaAKUAWsPry/P8s3ts2LvvIEpVCY+1K1jVIFqAJUAaqA 1RukJJZV6mvP5kd6/Rwp9BpRBagCVAGqgP3fK9pCakl58x2lLxXmlCtQCnOzKkAVoApQBdy9QcrT pELqa7neSYW5OfWdQlrNhYMqQBWgClAFrFSk+1Ji2/LfrdK2FA6p5aAKUAWoAlQBDz+8U19Zbaun kO4oZ21L21xWC1QBqgBVgCrg7tex1zulmibSWCGNLZoL24lF1BeqAFWAKkAVMHx4l+mU2G7Lqsym 7SK0bNuAQrmtRRWgClAFqAJWb5C52janZ5jz2rFSaCfasbJKqAJUAaoAVcBnb5C5kFoSqeWcpZTF toylvIIqQBWgClAF3KlYUCbKbLstq7ZQZlPzImAe+0IVoApQBagC9h/e5ZHmQtrOfS2lJW1TfKpe I6oAVYAqQBXwo2+QM/ZJ3mGRt4ifUw6qAFWAKkAV8PANkvpKS+nbnpXCYqKctXnXElWAKkAVoApY qWgvTdXfTCmrOeUKtHnbAFWAKkAVoAq4+/But+csUartxKO809KOpUJpSX1fqAJUAaoAVcCg4ovX E9LEJ1FlbHtWONWyKqgCVAGqAFXA3RukTSzb0reIasfK2Tz7fFVSDqoAVYAqQBWw/3tF2rbN27MS UEJTobS01eeoAlQBqgBVwN0bpF2l5sIiKm3nwhzabtvmgypAFaAKUAXcvUFSIZFa5rPEou81UvrK akYVoApQBagCVirasFQID1gfKcW31bkvNb/eOWfXiCpAFaAKUAU8VDFf8P4I63/2b56V+LRKtFVV gCpAFaAKuPtPBYf0IG2h7SsT81kqtH2L5GtEFaAKUAWoAu7+zNvetzhL1RT6eifNzvGnr0yUs2lc Ff9CFaAKUAXsP7xTWLoqzbbbUtjSTrR55Sw9gSpAFaAKUAU8/PA+q7QtTGn/kFLavkTb0saXsYMq QBWgClAFrD6824jUUprb1dmWvEfNpfAKtMkFVYAqQBWgCvidD+9UTX3l7BFtfHvlzHWPKkAVoApQ Bew/vBPllsUzLKptVJlIzYu8q0MVoApQBagChjfIzOlLE21KuaNdpb650OYdUspBFaAKUAWoAlYf 3m31FWiby9ncXFpSIZHy2mpBFaAKUAWoAu5UpLB5lcZKwLalkPrKqqUNPagCVAGqAFXAD6hI1cRi tm2ZZ1PLIq+gClAFqAJUAZ+pSBNtwNWRmh/dkbbnbNH3hSpAFaAKUAXcqVhUy33z9fOq8HonFdpt Cih9BVWAKkAVoAr4+V/H2ry58O2C17c7WtLYc1QBqgBVgCogq/gjUQWoAlQBqgBVgCpAFaAKUAWo AlQBqgBVgCpAFaAKUAWoAlQBv/76G1BLAQIUABQAAAAIAGJnVFeSnGW1DwUAAGMUAQAIAAAAAAAA AAEAIAAAAAAAAABpbmZvLnR4dFBLBQYAAAAAAQABADYAAAA1BQAAAAA=
How to solve:
At first glance, this looks to be Base64 Encoded data. My first instinct is to use CyberChef and start running recipies on it. So lets get baking!
The output looks like a bunch of gobbledygook, or does it?!?! For anyone who is unaware or have not worked on reversing before, there is this concept of “Magic Bytes” which are basically the first few bytes of a file to signify it’s type. Looking at the output a little closer, you can see that it starts with PK␃␄ signifying that it is a zip file.
Let’s keep baking!
Oh look! There is a file! Let’s download it and check out it’s contents!
Hmm. This seems a bit odd. Looks like it could be binary or some form of “ascii” art. Let’s try zooming out in word pad first and see if there is an image.
Woah! A QR code! But aren’t QR codes normally square? Is there a way that we can make this be square? Let’s try doing some good old-fashioned find and replace. I’m thinking of replacing all the 0s with a space.
Hmm. Still looks a little rectangular. Let’s try zooming out even more!
Now that’s a good looking QR code! Let’s scan it and see where it takes us! Since I like to use my computer and don’t want to use my phone. I’ll snip the QR code and save it as a picture so I can use an online QR code reader. I will use https://qrscanner.net/
Awesome! More stuff that looks to be Base64 data! Let’s go bake some more!
More decoding?!?!?! Well, this appears to be hexadecimal values, which means they can be converted to their ASCII equivalents. Lucky for us, we can add that to our recipe to bake!
There we go! We finally got the flag!
My thoughts:
Kudos to whomever made this challenge! It was fun and definitely required some out of the box thinking to store a QR code at max zoom out in Notepad.