ØxOPOSɆC | Neuromancer

This month, I was responsible for putting together the ØxOPOSɆC monthly challenge.

Even though the competition is done, if you want to try it out yourself, the application is still available here.

So, if you don't want spoilers, stop reading!


Onto the solutions!

The challenge consisted of a Heroku app with a very simple interface. If you took a closer look at the source code you'd see only an <img> sourced from Wikipedia (to prevent you from straying into steg territory) and an interesting comment:

By googling the entire thing, you'd see that this is a quote from the book "Neuromancer", but with a slight difference:

So, your first official hint was "how do you get in?", which should get you thinking about authentication and point you in the direction of the login page:

If this page is under development, maybe the developers have already implemented the authentication mechanism ...

Yup, now we're getting somewhere.


Hint 2: How much do you know about Neuromancer?

Just in case you thought this authentication feature had some interesting vulnerability, I released another hint to lure you in the right direction - OSINT.

At this point, you could either solve this by brute-forcing or by googling.

Option 1 - Brute-force

You could use a wordlist generator like CeWL, which (depending on the source you used) would most likely output the username and password in the top 50 words.

If you then removed "common" words, this list would shrink down to 20, which means you could easily go through all of the possible combinations for both fields and solve the challenge:

Option 2 - Googling

You could start by searching for the book's character list:

Neuromancer doesn't have a lot of characters in general, and the username - case - is the main character, so this was pretty straightforward.

Also, as soon as you tried case as the username, you'd see that the response was now different:

From this point on, you could again brute-force the password, or you could google "Neuromancer password", which would take you to this Stack Exchange question:

Although not the password in the book, wintermute was indeed the password for this challenge:

That's it, hope you enjoyed it!