The vulnerability exploited a classic SQL injection in the login form. By entering the payload below, we bypassed authentication:
Username: admin' ;# |
Password: Anything
Here is the flag:
A secret permission has been discovered. Your task:
On Twitter, you’ll find the final hint:
Twitter Handle: @D4rk_F4t3
Recovered Flag:
NICC{Gue55_wh0'5_b4ck?}
NICC received a mysterious email with an executable file that does nothing. Can you figure out what this executable does?
Upon analyzing the binary in Binary Ninja, we discovered variables hinting at the flag's structure. By examining the sequence, we inferred the correct flag format as follows:
Recovered Flag:
NICC{uhH_fl@g_i_ThInk}
If Loab is back, we might need the council to help us out. The problem is that Anna sent Maya looking for them, but she still hasn't come back. This is her last known location... Maybe you can help find her.
I'd go, but I really don't want to be around those spooky ghost orphans.
This challenge involves uncovering a hidden image within the provided data. By decoding a Base64-encoded string, you will reveal the images that lead you to the solution.
img1.png
, img2.png
, ..., img8.png
).img5
, is the correct one related to the challenge.Simon was spotted dwelling under the clock-tower yet again, this time taking pictures. He seems to have captured a strange object in the far distance going left, right, up, and down, seemingly lost or out of control. There is a strange aura radiating from the photo, pulsations even, like an SOS. Can you figure out this strange phenomenon?
Map.txt
⋔⏃⌿: ⌰⟒⎎⏁, ⎍⌿, ⎅⍜⍙⋏, ⌰⟒⎎⏁, ⎅⍜⍙⋏, ⍀⟟☌⊑⏁, ⍀⟟☌⊑⏁, ⎅⍜⍙⋏, ⌰⟒⎎⏁, ⎍⌿, ⌰⟒⎎⏁, ⍀⟟☌⊑⏁, ⎍⌿
⍀⟒⋔⟟⋏⎅⟒⍀ ⏁⊑⏃⏁ ⍜⎍⍀ ☌⌿⌇ ⟟⌇ ⏃ ⌰⟟⏁⏁⌰⟒ ⎎⎍⋏☍⊬, ⟟⏁ ⍜⋏⌰⊬ ⏁⏃☍⟒⌇ ⏁⊑⟒ ⎎⟟⍀⌇⏁ ⌰⟒⏁⏁⟒⍀ ⍜⎎ ⟒⏃☊⊑ ⎅⟟⍀⟒☊⏁⟟⍜⋏ ⍙⟒ ⍙⏃⋏⏁ ⏁⍜ ☌⍜ (⌇⏁⎍⌿⟟⎅ ⋔⟒⋔⍜⍀⊬ ⋔⏃⋏⏃☌⟒⋔⟒⋏⏁)
MAP: LEFT, UP, DOWN, LEFT, DOWN, RIGHT, RIGHT, DOWN, LEFT, UP, LEFT, RIGHT, UP
REMINDER: OUR GPS IS A LITTLE FUNKY. IT ONLY TAKES THE FIRST LETTER OF EACH DIRECTION (STUPID MEMORY MANAGEMENT)
gps.zip
LUDLDRRDLULRU
Explanation: This password corresponds to the first letters of LEFT, UP, DOWN, LEFT, DOWN, RIGHT, RIGHT, DOWN, LEFT, UP, LEFT, RIGHT, UP
.
gps.zip
⋏⟟☊☊{⊑⟒⌰⌿_⋔⟒_⎎⟟⋏⎅_⏁⊑⟒_⌿⌰⏃⋏⟒⏁_⏚0⍜}
NICC{HELP_ME_FIND_THE_PLANET_B0O}
NICC{UR_4SAK3N_D3CISION}
Mary got a letter from Maya talking about seeing a cryptid sighting but doesn't want other people to know, the only thing attached is this picture? She wonders if there could be a secret message hidden inside.
steghide extract -sf MaryMorse.jpg
M.A.__.R.Y
flag.txt
will be created. Open this file to reveal the flag.NICC{tHe_whIspeRz_iN_Th3_aiR}
For the past three years these characters have appeared in JerseyCTF, SpringForwardCTF, and SpookyCTF - but their lore was kept secret. Can you find the secret in their history?
"NICC"
to locate parts of the flag.NICC{StOr
IeS_DoNt_M
aKe_ThE_cTf_T
oO_cTfY_rIgHt?}
NICC{StOrIeS_DoNt_MaKe_ThE_cTf_ToO_cTfY_rIgHt?}
Mary hid a little surprise for everyone in the SpookyCTF Discord. Can you find it? This challenge does not require sending any messages.
After inspecting the Discord server for anything suspicious, we discovered a hidden, super-secret channel that’s invisible by default. To view this channel, you’ll need a Discord mod like Vencord or BetterDiscord.
TklDQ3t3aFlf
ZDAzU19kSVNjMFJkXzRMbDBXX3RIaVo/fQ==
Combining both parts, the flag is:
TklDQ3t3aFlfZDAzU19kSVNjMFJkXzRMbDBXX3RIaVo/fQ==
NICC{whY_d03S_dISc0Rd_4Ll0W_tHiZ?}