NahamCon 2022 CTF Write-up: “No Space Between Us” Challenge

My approach and learnings from solving the ‘No Space Between Us’ challenge as part of the NahamCon 2022 CTF. This specific challenge was only solved by 62 teams out of over 4,000 teams who participated in the CTF.

Yotam Perkal
InfoSec Write-ups


I recently took part in the awesome 2022 NahamCon CTF as part of the NahamCon free virtual security conference hosted by STOK, John Hammond and NahamSec.

This was the first CTF I had participated in for a while, and I only had a few hours to put into it, so I wasn’t able to attempt all of the challenges. The challenges I was able to attempt were great and I learned a lot.

In this blog post, I will share my solution to the “No Space Between Us” challenge (written by @Kkevsterrr) and try to describe my thought process in the hopes that it will aid you when approaching similar challenges.

Let’s dive in…

No Space Between Us — Walkthrough

Challenge Description

As you can see in the challenge description, there appears to be a creative storyteller bot in the CTF’s Discord server, but the interesting part of the description was the second part of the sentence which states:
“There needs to be zero space between us”.

At this point, I went over to Discord and DM’d the bot.


From a first glance, we can’t see anything suspicious about the first story.
When I asked the bot for story #2, I noticed there were multiple line breaks (spaces between the lines), which, given the description of the challenge, I thought could be relevant to the solution.


At this point I decided to copy the stories to a simple web-based tool that allows viewing non-printable characters (vim would also work):

Photo by Author

We can see that there are indeed line breaks, yet more interestingly, we can also see several occurrences of the `U+200C` and `U+200D` Unicode characters.

A quick Google search reveals that these characters are ZERO WIDTH NON-JOINER (`U+200C`) and ZERO WIDTH JOINER (`U+200D`), both of which are zero-width (invisible) characters.

OK, so judging by the challenge description it seems that we are on track, yet how can we get a flag out of these characters?

At this point, I was not sure how to proceed so I tested some basic assumptions.
First, I wanted to know how many stories the bot has.
A quick interaction with the bot revealed that it has 37 stories:

Photo by Author

Next, I wanted to see whether the text has any meaning or is random. When asking for the same story twice, I understood that the bot tells a different story each time, yet the sequence of zero-width characters remains identical.


That means the text is irrelevant; what we need is only the special Unicode characters. Yet I still didn’t know how to get from these sequences of special characters to a flag.

CTF Tip: whenever you feel you have a good direction in a CTF challenge yet you are not sure how to proceed, try a Google search with the word `CTF` and the lead you think you have. Sometimes, learning from other similar challenges can give you a nudge towards the right track.

In this case, the search I did was: `CTF Invisible whitespace`.

Photo by Author

As you can see ☝️, the second result is a link to a YouTube video by John Hammond (who is, interestingly enough, one of the CTF’s organizers!), explaining how one can use Zero-Width Spaces to hide secret messages.

Bingo!

After watching the video, I realized that the special characters represent binary bits. Since each story contains eight such characters, each story’s 8-bit sequence likely represents one ASCII character. Hopefully, if we combine the ASCII characters decoded from each story’s 8-bit sequence, we will get our flag.

Time for some scripting to validate our assumption.
I wrote the following Python script that takes a raw bot story text as input, extracts the special characters out of it, and transforms these characters into a sequence of binary bits:

Photo by Author

For this story ☝️, for example, the script prints out the following binary sequence: `01101100`.

Running this logic on all the stories and pasting the result in a simple web-based Binary-to-ASCII converter gets us the flag!
Great Success!

Photo by Author

As you can see in the screenshot, at this point, I was missing the letter `f` from the word flag. This made me realize I had missed one additional story — Story 0.
All that is left is to submit the flag: flag{e4e5ad33eb16426d52b94e398e593466}
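
The decoding steps described above, written out as an added example (this is not the author's original script). The bit mapping (`U+200C` as 0, `U+200D` as 1), the function names and the sample stories are assumptions constructed for illustration; the decoder also reports any story number that was never collected, such as the skipped Story 0.

```python
ZWNJ = "\u200c"  # ZERO WIDTH NON-JOINER
ZWJ = "\u200d"   # ZERO WIDTH JOINER


def story_bits(text, zero=ZWNJ, one=ZWJ):
    """Return the hidden bits of one story; the visible text is ignored."""
    return "".join("0" if ch == zero else "1" for ch in text if ch in (zero, one))


def decode_stories(stories, zero=ZWNJ, one=ZWJ):
    """Decode {story_number: text} into (message, missing_story_numbers).

    Every story must carry exactly eight hidden bits (one ASCII character).
    Numbering starts at 0; a story that was never collected decodes to '?'.
    """
    message, missing = [], []
    for number in range(max(stories, default=-1) + 1):
        if number not in stories:
            missing.append(number)
            message.append("?")
            continue
        bits = story_bits(stories[number], zero, one)
        if len(bits) != 8:
            raise ValueError(f"story {number}: expected 8 hidden bits, got {len(bits)}")
        message.append(chr(int(bits, 2)))
    return "".join(message), missing


def hide_byte(cover, value, zero=ZWNJ, one=ZWJ):
    """Build constructed test input: attach the 8 bits of `value` to words of `cover`."""
    marks = [one if bit == "1" else zero for bit in format(value, "08b")]
    words = cover.split(" ")
    marked = [word + (marks[i] if i < len(marks) else "") for i, word in enumerate(words)]
    return " ".join(marked) + "".join(marks[len(words):])


# Constructed sample: a placeholder message, one character per story (not the CTF flag).
COVER = "Once upon a time a bot told a slightly different story every time"
SAMPLE = {n: hide_byte(COVER, ord(c)) for n, c in enumerate("flag{demo}")}

if __name__ == "__main__":
    print(decode_stories(SAMPLE))                       # all stories collected
    partial = {n: t for n, t in SAMPLE.items() if n != 0}
    print(decode_stories(partial))                      # story 0 was skipped
```

If the output is unreadable, swap the `zero` and `one` arguments to try the opposite bit mapping.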

Final Notes

I hope I’ve been able to convey the thought process I went through while solving this challenge and that you enjoyed reading the writeup.

I hope to write a few additional blog posts in the near future for other challenges I found interesting and from which I feel there is something to learn.

I want to take this opportunity to express my appreciation to the CTF organizers and challenge builders for their efforts. The entire event was extremely well-organized and I had a blast!

Feel free to reach out if you have any questions.

Twitter: @pyotam2


Avid Learner. Security Research @Rezilion. Passionate about Cyber-Security and Machine Learning | linkedin.com/in/yotam-perkal/