Challenge
Thank you, our holiday l337 hax0r, for saving Christmas! Let’s unwind and embrace the cozy atmosphere, cherishing the holiday spirit with our beloved family and friends. As the final challenge, I’ve hidden a special Christmas greeting in my living room as an “easter egg” just for you to discover. Merry Christmas and happy searching!
Solution
This was a simple reverese engineering challenge. Looking at the website code, we see that it is highly obfuscated. But one function stands out _0x1f9b39.
This function takes in a number as its argument and returns a string. This function is called several times with different numbers and added together. I wnt thorugh the code and ran the function and replaced the function call with the returned string.
Running this code in the website console gives me the string MerryChRistmaS.json.
_0x1f9b39(33)[_0x1f9b39(22)](2, 4) +
_0x1f9b39(33)[_0x1f9b39(22)](3, 5) +
_0x1f9b39(45)[_0x1f9b39(22)](3, 4) +
_0x1f9b39(16)[_0x1f9b39(22)](0, 1) +
_0x1f9b39(41)[_0x1f9b39(22)](-7, -5) +
_0x1f9b39(18)[_0x1f9b39(22)](10, 12) +
_0x1f9b39(13)[_0x1f9b39(22)](0, 2) +
_0x1f9b39(33)[_0x1f9b39(22)](5, 6) +
_0x1f9b39(4) +
_0x1f9b39(5)Since this code was related to a GET request, I go to the URL http://51.120.248.76:1342/MerryChRistmaS.json
The flag was in the json file.
"We at OMEGAPOINT{s1nc3r3ly_w1sh_y0u_4_m3rry_chr1stm4s!!!}"flag: OMEGAPOINT{s1nc3r3ly_w1sh_y0u_4_m3rry_chr1stm4s!!!}