Previous: Week 1 | Week 2 | Week 3 | Week 4 | Week 5
To be quite honest, this was a terrible week of CTF'ing for me. My main focus this week was on studying for my SANS GASF exam (more on that later) so I didn't get to dedicate much time in playing. With that said, I was able to complete part 1 of 2, partially by dumb luck.
Challenge 6 (Nov. 9-16) The Elephant in the Room (25)
Part One: Hadoop is a complex framework from Apache used to perform distributed processing of large data sets. Like most frameworks, it relies on many dependencies to run smoothly. Fortunately, it's designed to install all of these dependencies automatically. On the secondary nodes (not the MAIN node) your colleague recollects seeing one particular dependency failed to install correctly. Your task is to find the specific error code that led to this failed dependency installation. [Flag is numeric]
What do I know about Apache? It's commonly used for web servers. When error codes come to mind I found a great list of the most common ones.
https://www.digitalocean.com/community/tutorials/how-to-troubleshoot-common-http-error-codes
The answer was totally bruteforced. I wasn't able to find the actual file containing the answer but I ended up figuring out that the proper error code was 404, Not Found, which makes sense if a dependency was missing on the configuration. Now on to part 2:
Challenge 6 Part 2 (Nov. 9-16) The Elephant in the Room (50)
Don't panic about the failed dependency installation. A very closely related dependency was installed successfully at some point, which should do the trick. Where did it land? In that folder, compared to its binary neighbors nearby, this particular file seems rather an ELFant. Using the error code from your first task, search for symbols beginning with the same number (HINT: leading 0's don't count). There are three in particular whose name share a common word between them. What is the word?
Since I didn't actually find the file for part 1, I was in a disadvantage for part 2. Unfortunately I was unable to find any leads and ran out of time for this one. I'm looking forward to reading other people's write-ups.
I'm hoping I find more success in Week 7 with both steps of analysis and answers.