Source Code Shipping

Instructions

Solution

https://metaproblems.com/8f51bf10edf47bdf321e157fc52236f0/Setup.exe

I downloaded the file, and saw it was an exe. I ran binwalk on it, and it appeared to have some archived packages, so I ran binwalk -X on it, but it seems to be taking a fuck ton of time. I'll toss it in ghidra I guess. No.

Oh, right, I need to run binwalk -e to extract the files. Opened backgroud.gif, it doesn’t have any text. Damn, ok. So I ended up running binwalk -Mre to run the extract recursively, and to delete any empty files. This popped out with a whole ton of shit. I basically walked through the exract tree and manually looked at what was going on. I finally found app.asar and electron.asar in …/lib/net45/resources. I ran strings on this, and after scrolling back up through a shit load of data I found a message about the flag! They tried to get cheeky using FL@G and b64 to hide the flag from grep.

// THE FL@G is right below this message!!
let f = "TWV0YUNURnt5b3VfY29tcGxldGVkX0FfU2VhcmNoX0FuZF9SZXNjdWVfdGhlX2ZsYWdfbWlzc2lvbn0="

Got it! Flag:

MetaCTF{you_completed_A_Search_And_Rescue_the_flag_mission}

Next: Yummy Vegetables