Week1

3 minute read

🕵️ Week 1

Category	Author
🕵️ OSINT	Flare.io

Challenge Prompt

Gather close, brave keepers of keyboards and seekers of digital lore. The first quest of the Flare CTF opens today, and with it comes both peril and prize.

A new artifact has appeared in the realm: a limited Flare battle shirt created only for this week’s challenge. Only 20 heroes will earn this relic before the challenge resets.

Guidelines for All Travelers A new challenge is released each week, each one unique and forged to test your skill. The challenge is revealed first in the Flare Academy Discord, followed by its appearance on LinkedIn one hour later. Those who discover the hidden flag may use it to unlock the treasure. Also, the flag itself is the discount code you must type into the checkout box. Each adventurer may claim only one shirt per weekly quest to keep the balance of the realm intact.

Begin Your Journey: https://github.com/swordnshield
Redeem Your Reward: https://merch.flare.io/

Problem Type

OSINT

Solve

I visited the GitHub site and looked around at the content.

I then copied the repo down locally and moved to that directory on my machine:

git clone https://github.com/swordnshield/d20-simulator.git
cd d20-simulator

I then checked the Git logs:

git log --format=fuller --all
commit b6eea5a85ba41f982619b82b168628b56097fc52 (HEAD -> main, origin/main, origin/HEAD)
Author:     bob <212770329+swordnshield@users.noreply.github.com>
AuthorDate: Mon Nov 24 10:55:15 2025 -0500
Commit:     GitHub <noreply@github.com>
CommitDate: Mon Nov 24 10:55:15 2025 -0500

    Add roll-test-chat.txt
    
    Logs from the great IRC

commit 30a0f6d7864084a32147223512684a4126292980
Author:     swordnshield <212770329+swordnshield@users.noreply.github.com>
AuthorDate: Mon Nov 10 21:56:46 2025 +0000
Commit:     swordnshield <212770329+swordnshield@users.noreply.github.com>
CommitDate: Mon Nov 10 21:56:46 2025 +0000

    *Fix typo


commit d739fe641cbecf6a98ce1a5d969fe05e6d98ef32
Author:     swordnshield <212770329+swordnshield@users.noreply.github.com>
AuthorDate: Mon Nov 10 21:56:28 2025 +0000
Commit:     swordnshield <212770329+swordnshield@users.noreply.github.com>
CommitDate: Mon Nov 10 21:56:28 2025 +0000

    Modify readme.md

commit e8db66f69f6550a1381cc357176c896ffa51f599
Author:     swordnshield <212770329+swordnshield@users.noreply.github.com>
AuthorDate: Mon Nov 10 21:52:10 2025 +0000
Commit:     swordnshield <212770329+swordnshield@users.noreply.github.com>
CommitDate: Mon Nov 10 21:52:10 2025 +0000

    Add roll.py

commit 98ac596d04cefb88d212d25787ddd8569032d3bc
Author:     swordnshield <admin@bobshomepage.net>
AuthorDate: Mon Nov 10 21:20:12 2025 +0000
Commit:     swordnshield <admin@bobshomepage.net>
CommitDate: Mon Nov 10 21:20:12 2025 +0000

    Add README.md

I noticed the admin@bobshomepage.net on the first commit and visited the https://bobshomepage.net site.

Screenshot 2025-12-01 185935

I used FFUF to find .html, .php, and .txt files.

ffuf -w /usr/share/wordlists/dirb/common.txt:FUZZ -u https://bobshomepage.net/FUZZ -e .html,.php,.txt

Which found index.html and robots.txt. Then I checked the robots.txt file.

User-agent: *
Disallow: /sealed-chamber-deadbeef.html

I then navigated to bobshomepage.net/sealed-chamber-deadbeef.html.

Screenshot 2025-12-01 190130

Found an image of a D20 with - A picture is worth 1,000 words

In initially reviewing the Github page I noticed that the user had stared 2 repos, one was ExifTool. So I downloaded the D20 image and ran Exiftool on that image, which gave the flag!

exiftool sealed-chamber-deadbeef.png 
ExifTool Version Number         : 13.36
File Name                       : sealed-chamber-deadbeef.png
Directory                       : .
File Size                       : 166 kB
File Modification Date/Time     : 2025:11:25 22:33:31-05:00
File Access Date/Time           : 2025:11:25 22:33:34-05:00
File Inode Change Date/Time     : 2025:11:25 22:33:31-05:00
File Permissions                : -rw-r--r--
File Type                       : PNG
File Type Extension             : png
MIME Type                       : image/png
Image Width                     : 512
Image Height                    : 512
Bit Depth                       : 8
Color Type                      : RGB with Alpha
Compression                     : Deflate/Inflate
Filter                          : Adaptive
Interlace                       : Noninterlaced
White Point X                   : 0.3127
White Point Y                   : 0.329
Red X                           : 0.64
Red Y                           : 0.33
Green X                         : 0.3
Green Y                         : 0.6
Blue X                          : 0.15
Blue Y                          : 0.06
Background Color                : 255 255 255
Datecreate                      : 2025-11-17T16:08:36+00:00
Datemodify                      : 2025-11-17T16:08:36+00:00
Datetimestamp                   : 2025-11-17T16:08:37+00:00
Exif Byte Order                 : Big-endian (Motorola, MM)
Image Description               : A picture is worth 1,000 words.
Resolution Unit                 : inches
Modify Date                     : 2025:11:10 11:09:15
Artist                          : Bob
Y Cb Cr Positioning             : Centered
Exif Version                    : 0232
Date/Time Original              : 2025:11:10 11:09:15
Create Date                     : 2025:11:10 11:09:15
Components Configuration        : Y, Cb, Cr, -
User Comment                    : FLAG: flare{0s1nt_m4st3r_749261}
Flashpix Version                : 0100
Owner Name                      : Bob Giddion
Image Size                      : 512x512
Megapixels                      : 0.262

Flag

flare{0s1nt_m4st3r_749261}

(back to top)

Twitter Facebook LinkedIn

Andrew Kapaldo

Week1

🕵️ Week 1

Challenge Prompt

Problem Type

Solve

Flag

You May Also Enjoy

Week4

Week3

Week2

XDMR