AUCTF – Who Made Me

Oregon State University Security Club

AUCTF – Who Made Me

950 points

Prompt

One of the developers of this CTF worked really hard on this challenge.

note: the answer is not the author’s name

Author: c

Solution:

Now for a much more real-world OSINT challenge. First, I started by doing a bit of recon. I ascertained that:

  • AU in AUCTF is for Auburn University (homeapge)
  • AUCTF is run by members of the AUEHC (Auburn University Ethical Hacking Club). AUEHC is comprised of members:
  • AUCTF Discord is run by discord users:
    • c AKA _c#9643
    • FireKing AKA Iamfireking#2686
    • JohnsonJangler AKA JohnsonJangler#0353
    • Kensocolo AKA Kensocolo#1000
    • nadrojisk AKA nadrojisk#6700
    • OG_Commando AKA The OG Commando#6632
    • vincent AKA FlaminArrowz#5042
    • 死神 (shinigami) AKA demarcus1621#6819
  • AUEHC also has a Github Organization, which the following github users are a part of:
    • Demarcus Campbell AKA demarcus1621
    • Jordan Sosnowski AKA nadrojisk
    • Vincent Chu AKA vincentchu37
  • Within that organization are repos for:
    • AUCTF-2020 Which contains entirely commits by nadrojisk, with a pending pull request formulated by demarcus1621, with nothing interesting in it.
    • Their site
    • Past competitions, mostly irrelevant to this challenge.
  • Reddit account has posted three things, none of which are of use here: https://www.reddit.com/user/auehc/
  • CTFTime Team AUEHC only has one player, nadrojiskhttps://ctftime.org/team/82180

With that in mind, I went about composing this table:

NameDiscordGithubGitlabTwitterNotes
Jordan Sosnowskinadrojisk AKA nadrojisk#6700https://github.com/nadrojiskNAhttps://twitter.com/nadrojiskAll commits to the challenge repo. Prime suspect. Nothing interesting on twitter
Vincent Chuvincent AKA FlaminArrowz#5042https://github.com/vincentchu37https://github.com/vincentchu37/gitlabPrivateHas commits to the site @ https://github.com/auehc/auehc.github.iohttps://www.linkedin.com/in/vincentchu37/
Demarcus Campbell死神 (shinigami) AKA demarcus1621#6819https://github.com/demarcus1621NADoes not ExistHas pull request to auehc/AUCTF-2020 @ https://github.com/auehc/AUCTF-2020/pull/1 but changes only to README.md, and from private repo 🙁
Abhinav V.Kensocolo AKA Kensocolo#1000NANAhttps://twitter.com/kensocoloTwitter, not much found
Charlie Harperc AKA _c#9643https://github.com/chharlesNANAPretty sure this is Charlie Harper

The flag was in a repo that was conveniently not pinned in Vincent Chu’s github. This was in one of the past commits in their repo AUCTF-2020 link archive made by github user chharles, who I have retroactively added to the table above.

auctf{G1tHuB_4lwAY5_r3mEmB3r5_8923_1750921}

~Lyell Read

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.