Rating:
# **[Neko Hero](https://houseplant.riceteacatpanda.wtf/challenge?id=33)**
### 50 Points
Please join us in our campaign to save the catgirls once and for all, as the COVID-19 virus is killing them all and we need to provide food and shelter for them!
nya~s and uwu~s will be given to those who donate!
and headpats too!
Dev: William
(and inspired by forwardslash from htb i guess)
### Solution:
### Flag:
# **[Deep Lyrics](https://houseplant.riceteacatpanda.wtf/challenge?id=55)**
### 1,487 Points
Yay, more music!
Dev: Delphine
### Solution:
One of my teammates suggested DeepSound. Downloaded it in a VM. Opened the .wav and tada….text file with the flag.
### Flag:
rtcp{got_youuuuuu}
# **[Ezoterik](https://houseplant.riceteacatpanda.wtf/challenge?id=29)**
### 1,833 Points
Inventing languages is hard. Luckily, there's plenty of them, including stupid ones.
Dev: Tom
Hint! You will find what you seek beyond the whitespace
[ezoterik.jpg](https://houseplant.riceteacatpanda.wtf/download?file_key=122f4f2192af3c2baf8e315604c4b155bb5a1b0cf55f32befbd77340484d1f3a&team_key=2f442c580703a2af3b72516afcab8f66a84d3ccd858d0f0cf199e4bdb28231cb) 2ccd8135a03c5936b6f0b4e989db8a30
### Solution:
Opening the image there is a suspicious string of text. I recognized the text from prior CTF’s as a language called “brainfuck”. Lucky day, easy mode. After copying it out and running it through a decoder it spit out “Yeah, no, sorry.” Well played, sir. While the image was running through some stego scripts I pulled it up in a hex editor and saw a very obvious string of text at the end of the file after some whitespace. Probably what the clue was referring to. Copy that out and you’ll get this block of text. Looks like base64, right?
2TLEdubBbS21p7u3AUWQpj1TB98gUrgHFAiFZmbeJ8qZFb9qCUc8Qp6o86eJYkrm2NLexkSDyRYd3X9sRCRKJzoZnDtrWZKcHPxjoRaFPHfmeUyoxyyWQtiqEgdJR1WU4ywAYqRq7o55XLUgmdit6svgviN8qy72wvLvT2eWjECbqHdrKa2WjiAEvgaGxVedY8SRXXcU9JbP5Ps3RY2ieejz6DrF9NBD7mri2wrsyDs9gpVgosxnYPbwjGdmsq7GwudbqtJ7SeKgaStmygyfPast5F3ZKL9KeC2LzCeenffoZ4d4Cna7TZdkUsfdK1HNmoB46fo9jK5ENQwnWdPmZBnZ4h8uDxHpQF74rs3wPcpmch6Byu31och1cyz8JxgXkacHpTrGeAN2bEhRp8kDQpmPtj9QqaAgxTbam9hoB4mvtrRmRx5GnzzZoWW5qDxwMvgKCYWiLwtLcvjDZPNdHGbvFspFeCq7kBcTeyrjYeHxuwwwM1GpdwMdxzNiFK1jYkA4DUZRohuKxeyhBFiY9HuwD6zKf9nZMThoYwTGhAJR2d3GqVqXGsivAKLs1oBzrmH9V6vaMwAjM7Hu69TLfKHtZUThoiEDftxPJdraNxoQps3mFamNbT1U3kRdpAz5s5kq6i2jLBUjBjAdV9N8jWNqx4RgiaHTW5qqb8E6JvHgQyrVkLmMdsjoLAWaWZLRw2pQpBJehRsx1LU6wmAC1nfeLbdQxPmytaMUURBDhHVqPNxwThCzZsnA9RuKrYWGsmyTxCzVUEjvUXaU4hkoV62qn7G1TnVRiADNhRfMnxm8R2ZoSPxEhVaFyHvLweq
Remember this challenge is called Ezoterik. Take a close look and you’ll see there aren’t any I,l,0, or O and some other characters I forget about. Pretty much the stuff that can be confusing when site reading something that isn’t words. Do a search for “base64 encoding alternatives” and you’ll come across base58, which is often used by bitcoin addresses. Throw that text into CyberChef and pull up the convenient base48 recipe. To get….
'<elevator lolwat
action main
show 114
show 116
show 99
show 112
show 123
show 78
show 111
show 116
show 32
show 113
show 117
show 105
show 116
show 101
show 32
show 110
show 111
show 114
show 109
show 97
show 108
show 32
show 115
show 116
show 101
show 103
show 111
show 95
show 52
show 120
show 98
show 98
show 52
show 53
show 103
show 121
show 116
show 106
show 125
end action
action show num
floor num
outFloor
end action>'
What the hell is that? I didn’t recognize the language, but those numbers look alot like ASCII in decimal. Copy those numbers to their own list. Throw them in CyberChef on Magic for kicks and you’ll get the flag
### Flag:
rtcp{Not quite normal stego_4xbb45gytj}
# **[Jess's Guitar](https://houseplant.riceteacatpanda.wtf/challenge?id=22)**
### 1,922 Points
Jess is pretty good at making music
1700X1700
Dev: Daphne
Hint! [https://www.youtube.com/watch?v=QS1-K01mdXs](https://www.youtube.com/watch?v=QS1-K01mdXs)
### Solution:
Based on the hint, I went searching for how to hide text in a raw audio file and came across this [video](https://www.youtube.com/watch?v=tU8WbB9vhDg).
This challenge was pretty much identical to that. I used an online tool, [photopea](https://www.photopea.com/), to open the raw audio and create an image that was 1700x1700. The flag was in the image.
![jess](img/jess.png)
### Flag:
rtcp{j3ss_i$_s0_t@lented}
# **[Imagery](https://houseplant.riceteacatpanda.wtf/challenge?id=60)**
### 1,960 Points
Photography is good fun. I took a photo of my 10 Windows earlier on but it turned out
too big for my photo viewer. Apparently 2GB is too big. :(
https://drive.google.com/file/d/1y4sfIaUrAOK0wXiDZXiOI-q2SYs6M--g/view?usp=sharing
Alternate: https://mega.nz/file/R00hgCIa#e0gMZjsGI0cqw88GzbEzKhcijWGTEPQsst4QMfRlNqg
Dev: Tom
### Solution:
I spent forever on this one just extracting files using binwalk and crawling through those. There were a ton of directions you could go with that as there were images, html files, etc.
I may not have gotten this one except for the fact that I saw a hint in Discord along the lines of `how long is a peice of string(s)? I need to write it down in my Notepad"
This got me digging and I noticed that there were some mention of Notepad in the file. Some googling around and I came across this [post](https://www.andreafortuna.org/2018/03/02/volatility-tips-extract-text-typed-in-a-notepad-window-from-a-windows-memory-dump/) about using Volatility to read a memory dump.
Following that guide I was able to use a newer version of Volatility on this file to get to the flag.
It turns out that `strings -e l imagery.raw | grep rtcp` would have done it just as well.
### Flag:
rtcp{camera_goes_click_brrrrrr^and^gives^photo}
# **[Vacation Pics](https://houseplant.riceteacatpanda.wtf/challenge?id=54)**
### 1,994 Points
So weird... I was gonna send two pictures from my vacation but I can only find one... where did the other one go??
Dev: Delphine
[pictures.zip](https://houseplant.riceteacatpanda.wtf/download?file_key=a1216bb1565899e4dfeb9f91ab5f89ce22ba6bc5320026beb2140dd5a917edc3&team_key=2f442c580703a2af3b72516afcab8f66a84d3ccd858d0f0cf199e4bdb28231cb) 11fdedc0eb1c67ac54b98763f4c09e63
### Solution:
### Flag: