The first part of the challenge is to find the initals of the club Alex was in university. Googling “Alexander Taylor Raytheon” brings up his LinkedIn, which shows that he went to the University of South Florida and was president of the Whitehatters Computer Security Club. Using the format:
http://fuzyll.com/csaw2015/<initials here>
http://fuzyll.com/csaw2015/wcsc
is the first part. It says:
CSAW 2015 FUZYLL RECON PART 2 OF ?: TmljZSB3b3JrISBUaGUgbmV4dCBwYXJ0IGlzIGF0IC9jc2F3MjAxNS88bXkgc3VwZXIgc21hc2ggYnJvdGhlcnMgbWFpbj4uCg==
The base64 translating to:
Nice work! The next part is at /csaw2015/<my super smash brothers main>.
Redbeard revealed it was yoshi, through a guess or knowing Alexander himself.
http://fuzyll.com/csaw2015/yoshi
reveals nothing but an image of yoshi. Reverse image searches brought up nothing. But downloading the image and running strings
on it gets:
CSAW 2015 FUZYLL RECON PART 3 OF ?: Isnt Yoshi the best?! The next egg in your hunt can be found at /csaw2015/<the cryptosystem I had to break in my first defcon qualifier>.
Going through a list of cryptosystems, http://fuzyll.com/csaw2015/enigma
was the fourth part:
CSAW 2015 FUZYLL RECON PART 4 OF 5: Okay, okay. This isnt Engima, but the next location was "encrypted" with the JavaScript below: Pla$ja|p$wpkt$kj$}kqv$uqawp$mw>$+gwes6451+pla}[waa[ia[vkhhmj
var s = "THIS IS THE INPUT"
var c = ""
for (i = 0; i < s.length; i++) {
c += String.fromCharCode((s[i]).charCodeAt(0) ^ 0x4);
}
console.log(c);
When ORd with that same string, the encrypted string will show the plaintext. Plugging this into the Chrome Developer Console:
var s = "Pla$ja|p$wpkt$kj$}kqv$uqawp$mw>$+gwes6451+pla}[waa[ia[vkhhmj"
var c = ""
for (i = 0; i < s.length; i++) {
c += String.fromCharCode((s[i]).charCodeAt(0) ^ 0x4);
}
The result is “The next stop on your quest is: /csaw2015/they_see_me_rollin”.
FLAG:flag{I_S3ARCH3D_HI6H_4ND_L0W_4ND_4LL_I_F0UND_W4S_TH1S_L0USY_FL4G}