AnyRun Christmas CTF
Keen-eyed Tweeps may have noticed that AnyRun tweeted out a Christmas CTF in their Xmas post card this year (see above). I enjoy a good CTF and with some help from @KrabsOnSecurity we uncovered a code for a free trial of AnyRun Explorer (an account option which is not on the pricing package).
The CTF started with the above tweet, which contains a QR code. Once scanned a message appears:
Using the built-in QR code scanner on my iPhone the code, the message appeared. I then chucked this into base64decode as I have inspected enough malicious code to realise when it is encoded this way:
This revealed a glowing Christmas tree produced by a PowerShell script that, when downloaded, contained the code for the CTF:
And voila! We earned ourselves a nice trial of AnyRun explorer after a short CTF on Twitter:
References:
https://app.any.run/tasks/cc038438-ca6b-4eb7-9382-7e4c61a58f3b
https://twitter.com/anyrun_app/status/1342082317385396225?s=20
___________________________________________________________________________________
I do enjoy a good CTF, if you also like CTFs, then feel free to check my own CTFs created for investigators to do some OSINT: