nuno komen205

## CursorTools.json
{
     "tools": [
      {
        "type": "function",
        "function": {
          "name": "codebase_search",
          "description": "Find snippets of code from the codebase most relevant to the search query.\nThis is a semantic search tool, so the query should ask for something semantically matching what is needed.\nIf it makes sense to only search in particular directories, please specify them in the target_directories field.\nUnless there is a clear reason to use your own search query, please just reuse the user's exact query with their wording.\nTheir exact wording/phrasing can often be helpful for the semantic search query. Keeping the same exact question format can also be helpful.",
          "parameters": {
            "type": "object",
            "properties": {

## Charles Licenses
Registered Name: https://zhile.io
License Key: 48891cf209c6d32bf4

## okhttp_traceback.js

var hexToAscii = function(input){
    var hex = input.toString();
    var str = '';
    for (var i = 0; i < hex.length; i += 2)
      str += String.fromCharCode(parseInt(hex.substr(i, 2), 16));
    return str;
  }


## gist:aa415acaa2fbb3a086904cc420a8b323
```
Create removed.txt file
5F 39
33 5F
F8 99
53 34
F8 83
9A F7
DD EE
5C 6F

## gist:685fab2be0c5b8acadb8002a8764d8ad
emoji hunt:
flag{emojis_more_like_free_cloud_storage}
step 1. Copy all images https://squarectf.slack.com/customize/emoji?utm_source=in-prod&utm_medium=inprod-customize_link-slack_menu-click
step 2. follow https://gist.github.com/tobek/a17fa9101d7e28ddad26
step 3. use tab save and download all images
step 4. and you get the flag exiftool . | grep -i "fl "
Fl 1                            : ag
Fl 1                            : ag
Fl 7                            : re
Fl 7                            : re

## gist:8b60daa7a28302743b3a8ba17f363c3e

By connecting to the server we see that it requires one or more inputs, when the input is something like 1 then 1. We encounter a door which requires a password. Now we can look at the binary file.

I used Ghidra to decompile the file at first, then only later used IDA. First, by looking at the strings we can see some strings that we saw on the server output.	I traced them back and found this method.

https://imgur.com/AijEsVe

It is interesting that the function call has an unusual name “fnv_1a_32”. If we search this on google the first search is a wikipedia page “Fowler–Noll–Vo hash function”.

https://imgur.com/NYkjCRm

## gist:c1374b96eb0158a96d682995f79157b4
#!/usr/bin/env python
# -*- coding: utf-8 -*-

# Brute-force string generation
# Copyright (C) 2011 Radek Pazdera

# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
	{
	"tools": [
	{
	"type": "function",
	"function": {
	"name": "codebase_search",
	"description": "Find snippets of code from the codebase most relevant to the search query.\nThis is a semantic search tool, so the query should ask for something semantically matching what is needed.\nIf it makes sense to only search in particular directories, please specify them in the target_directories field.\nUnless there is a clear reason to use your own search query, please just reuse the user's exact query with their wording.\nTheir exact wording/phrasing can often be helpful for the semantic search query. Keeping the same exact question format can also be helpful.",
	"parameters": {
	"type": "object",
	"properties": {
	Registered Name: https://zhile.io
	License Key: 48891cf209c6d32bf4

	var hexToAscii = function(input){
	var hex = input.toString();
	var str = '';
	for (var i = 0; i < hex.length; i += 2)
	str += String.fromCharCode(parseInt(hex.substr(i, 2), 16));
	return str;
	}
	```
	Create removed.txt file
	5F 39
	33 5F
	F8 99
	53 34
	F8 83
	9A F7
	DD EE
	5C 6F
	emoji hunt:
	flag{emojis_more_like_free_cloud_storage}
	step 1. Copy all images https://squarectf.slack.com/customize/emoji?utm_source=in-prod&utm_medium=inprod-customize_link-slack_menu-click
	step 2. follow https://gist.github.com/tobek/a17fa9101d7e28ddad26
	step 3. use tab save and download all images
	step 4. and you get the flag exiftool . \| grep -i "fl "
	Fl 1 : ag
	Fl 1 : ag
	Fl 7 : re
	Fl 7 : re

	By connecting to the server we see that it requires one or more inputs, when the input is something like 1 then 1. We encounter a door which requires a password. Now we can look at the binary file.

	I used Ghidra to decompile the file at first, then only later used IDA. First, by looking at the strings we can see some strings that we saw on the server output. I traced them back and found this method.

	https://imgur.com/AijEsVe

	It is interesting that the function call has an unusual name “fnv_1a_32”. If we search this on google the first search is a wikipedia page “Fowler–Noll–Vo hash function”.

	https://imgur.com/NYkjCRm
	#!/usr/bin/env python
	# -- coding: utf-8 --

	# Brute-force string generation
	# Copyright (C) 2011 Radek Pazdera

	# This program is free software: you can redistribute it and/or modify
	# it under the terms of the GNU General Public License as published by
	# the Free Software Foundation, either version 3 of the License, or
	# (at your option) any later version.