DownUnderCTF 2025 — YoDawg (147 pts)
Description
Dear CSI,
We found this file on a USB drive, it seems to be some sort of gamified cyber skilled based learning system thingy? Maybe if all of the challenges are sold we will get some answers, or maybe it is just the friends we make along the way.
Note - This may produce false positives with your virus scanner.
Regards, Nosurf
Solution
We were given a zip file. Inside:
$ ls
'Yo Dawg.deps.json' 'Yo Dawg.dll' 'Yo Dawg.exe' 'Yo Dawg.runtimeconfig.json'
$ file Yo\ Dawg.dll
Yo Dawg.dll: PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
$ file Yo\ Dawg.exe
Yo Dawg.exe: PE32+ executable (GUI) x86-64, for MS Windows, 7 sections
The .dll is a 32-bit .NET assembly; the .exe is a 64-bit native Windows GUI. Two approaches: open the .dll in dotPeek, or just run the .exe.
Running the .exe reveals a challenge suite — solve each to get the final flag.
Welcome
The flag format for this CTF is ydctf{some_text}
Good luck! ...oh, your first flag? Here it is!
ydctf{s0mething_1s_wr0ng}
Hidden
Checking dotPeek, the variable lbHidden.Text contains a Morse code string. Decoding it:
YDCTF{HIDDENFLAGNOTSOHIDDEN}
Deeper
The challenge links to a pastebin with RSA parameters (n, e, c, p, q). Simple decryption:
from Crypto.Util.number import inverse, long_to_bytes
phi = (p - 1) * (q - 1)
d = inverse(e, phi)
m = pow(c, d, n)
print(long_to_bytes(m))
ydctf{rsa_erry_day}
Even Deeper
The Form2 code uses Environment.UserName.ToLower() — just submit your own Windows username.
ydctf{<username>}
Truth from Vaas
Who was the voice actor who played Vaas Montenegro?
ydctf{michael_mando}
Salads (Caesar Cipher)
putkw{jltyzjczwv} → ROT-6 → ydctf{suchislife}
Passwords
Hash lookup via CrackStation: ydctf{ihatehackers}
Rotten (ROT-47)
J54E7L5@0J@F0ECFDE0>J04@56nN → ydctf{do_you_trust_my_code?}
Inception — HACKER CTF 1995
Unlocked after completing the above. Sub-challenges:
- DES Encryption: Decrypt
CMpZlgYbgEc6eTSNUPXvww==with keyhack\0\0\0\0→flag{des4eva} - DEFCON 3 Quiz: Casino hosting DEFCON 3 →
Tropicana - Movie Quiz: Best line from Hackers (3 words) →
Hack the planet!
Final flag decrypted via DES:
Flag
DUCTF{1995_to_2025}