WRITEUP CTF – DRAGONJARCON 2024

Posted on March 8, 2025April 5, 2025CTF

Last year, like every year, the DragonJAR Security Conference 2024 edition was held. Although I tried to go due to health reasons, it was not possible to attend in person, however, I was watching all the conferences on the DragonJAR youtube channel. 

During the event, the CTF starts, for which you have to register, time is limited so you have to be fast and precise. On this occasion, 4 challenges were presented by HackRocks. Of these challenges, I was only able to solve 3, knowledge in CTFs and time play a fundamental role, since I was working and the little time I had I dedicate it to this and to my health.

The first challenge: “Dragon.jar”

The challenge was a .jar file, and the description was as follows: “Your mission is to delve into Merlin’s intricate web of magion and unravel the secrets of the spell. A mysterious program holds the key to unleashing the Dragon, but it’s up to you to analyze its hidden mechanisms.”

After some research looking at the file’s strings and analyzing its metadata, I decompiled the file using the jadx tool. Going to the Main class, I found the value of the flag: “r3v3rsing_p3rf3cted.”

The second challenge: “El Secreto del Mago”

The challenge description read as follows: “The classified archive is in your possession. At first glance, it may seem ordinary, but it’s a puzzle designed to protect the critical information within. Analyze every detail, even the most subtle aspects, and unravel the hidden information to understand the potential threat posed by the enigmatic Wizard Merlin.”

Something typical that I look at in CTF when it comes to files is to review them with the strings command, in addition to this I am inclined to review metadata, using a web service like “https://www.metadata2go.com/” which shows the metadata of the files I found the flag in one of its values.

The third challenge: “Ecos del Éter”

This third challenge, “Echoes of the Aether,” said in its description, “Legends speak of a hidden realm, a digital sanctuary where secrets are guarded by ancient protocols. You have been tasked with venturing into this ethereal network, guided by whispers of hidden treasure. Analyze a Captured Network Traffic Archive, a digital artifact that whispers secrets through a Wi-Fi connection.”

This third challenge was a “wifi__capture.pcap” file. This type of “.pcap” file saves exact copies (bit by bit) of the packets that passed through a network interface over a period of time. The tool par excellence for analyzing this type of file is called Wireshark. We opened the file with Wireshark and began analyzing the frames, typically one by one. However, unusual TCP packets were detected, coming from the IP address “192.168.1.100.” By applying a filter to display only frames from this IP address, these values were identified.

Sin embargo algo no cuadraba el orden tratando de descifrarlo se probaron las diferentes combinaciones hasta dar con la correcta por lógica “FLAG{W1F1_H4CK3D}”

The fourth challenge: “El eco de la magia”

I spent a couple of hours reviewing what I could do with this pwned-type challenge, but honestly, I didn’t have the knowledge or the time. Although I understood that it involved exploiting a kernel file hosted in the “vomix.ko” file, most of my acquaintances at the event couldn’t solve it either. Although I couldn’t attend, I found the challenges entertaining, and I finished in #58. I hope to attend DRAGONJARCON 2026 this year.