Every 4 characters of b64 data encode 3 "original" characters. It's possible to simply enumerate all possible case combinations of the encoded data in blocks of 4, and see what blocks come out as printable and are most likely to be valid.
Even without using a language model to score possibilities, the number of options is small enough to go through manually and find the correct flag.
Search image to text on Yandex.com, you get something in some other language which is “Чивита ди Баньореджо ”so translate to English you get - Civita di Bagnoregio so search that on google maps and u get roughly 42.627802, 12.113735
Go to the website, and look at the source on GitHub. Then find the most recent commit and there should be a suspicious file, figure out it's a Wireshark file, and then extract data from it. It is an archived file.
Open a websocket connection to wss://eye-sight.ictf.iciaran.com/ws, use the initial message on connection to request the first character then keep passing the next value as the key until you have the whole flag.
The login form is vulnerable to xpath injection, using a password like ' or '1'='1 we can log in to the site, however we need the admin password for the next step so this isn't enough.
Instead we can use the xpath injection to get the admin's password one character at a time.
Once we have the admin password can use xxe to get the contents of flag.txt
Encrypt the same message twice, then bruteforce key1 (24 bits, 3 bytes) using a meet-in-the-middle attack. When the correct key1 was found xor(enc(plain),dec(cipher1)) == xor(enc(plain),dec(cipher2)) == key2. Use that to decrypt the flag. Solve script: https://imaginaryctf.org/f/H3dkv
Find the correct testnet, ropsten, locate the contract.
It checks the flag against a stored hash, but the stored hash was computed during contract deployment.
Find the deploying transaction, dump the data, get the flag.
First some part reverse engineering: you can kinda decompile the bytecode directly on etherscan.
For reference, here's the full original source: https://imaginaryctf.org/f/C29qK
From there, it's mostly a matter of finding the base index of the merkle tree, and building the proof.
The base can be found from data of the deploying transaction. The last 32 bytes of the input there is what you're looking for.
To build the proof: it's a classic merkle tree, except you need to xor in hashes of your address + the iteration in certain places, see the contract source for details.
Performing the actual transaction to claim your winnings can be then done either through some interface like myetherwallet or remix, or you could try to script it.
Use the overflow to set rbp to somewhere in bss section, and return to read part to write rop chain to it. After stack pivot, you can let it return to read part again to have /bin/sh in bss, and pivot it to rop chain. Since read syscall will put the length in rax, you can use SROP to execute execve
Custom "bignum" implementation that is then used to perform a very inefficient modular exponentiation.
Taking the discrete logarithm with e.g. cado-nfs allows to recover the flag.
Original source: https://imaginaryctf.org/f/0fq88