Another year, another UMassCTF. I wrote three OSINT challenges this year, aiming to pick up the harder challenges so my friends could write easier ones. That turned out rather the opposite (ha!), but nonetheless I am quite happy with how my challenges turned out and the general response to them. Next year, given the advent of AI agents (and a general distaste for them from myself), the challenges are going to have to go up a notch yet again.

Funny Business Link to heading

My friend tells me there’s an office of a store that sells special bricks above a well-known shopping centre on this street. My friend tells me I’ll it will bring me joy, but I’m not sure that the bricks are from the famous company. Can you give me the contact email address of the store so I can learn more?

Flag format: UMASS{email@example.com}

I wanted to have at least one challenge that was on theme. I remembered an image that I saw years ago of a LEGO knockoff called Lepin, and thought that it would be a good idea to build a challenge around the alternatives to the Danish company.

The key words in the prompt are “bricks,” “joy,” and “counterfeits.” The image was taken right outside the Ho King Shopping Centre, where the office is housed in the commercial building right above it of the same name. Some basic geodetective work is needed, but due to the many businesses in frame, there are many options for finding the location. If you search “Ho King Commercial Building, bricks” the first result is for Joy Bricks, a seller of toys imitating the famous brick companies style. Click it, and you’ll find the email: joyingwang@gmail.com.

High Performance Link to heading

I’ve heard there’s a computer shop in the area that sells a computer that isn’t designed to run Windows, macOS, or Linux. What’s the processor that’s in their flagship, PCIe-capable system?

Flag format: UMASS{Name of Processor}, i.e. UMASS{AMD Ryzen 7 9800X3D}

As a computer architecture fanatic, I have a soft spot for the weirder, less mainstream architectures. PowerPC falls into that category today, but back in the day, it was a powerhouse. Used in all of Apple’s Macintoshes from the late 90s to the early 00s, three generations of Nintendo home consoles, two Mars rovers that still roam the planet, and the James Webb Space Telescope, among many others, I absolutely love the history that PowerPC brings. One system that adopted the architecture later was the Commodore Amiga, then no longer under the defunct Commodore and struggling to stay competitive as the world trended to the Microsoft and Apple duopoly. Despite this, there is still a market for AmigaOS 4 compatible systems, and one store in Luxembourg sells the most advanced one as of now.

We’re looking for a place that sells a computer that isn’t designed to run Windows, macOS, or Linux that supports PCIe. From the image, it’s fairly easy to geolocate: the license plates, architecture, and language indicate that we are in Luxembourg. From the smokestacks in the background, we can infer this town is more industrial, and narrow it down to Differdange. Searching “Differdange computer store” brings up AAA Technology Sàrl, whose website amigakit.fr has the A1222+, whose motherboard contains the NXP QorIQ P1022, a 32-bit PowerPC chip designed to run AmigaOS 4.1, released in 2014 and still receiving updates!

We Have 图寻 at Home Link to heading

I found a serial NOR flash chip with 1024 KB of capacity running at 108MHz in a children’s toy a while back, but I’ve since lost the chip when I desoldered it to dump it. The only remnant of my search for it was this image I sourced of the office park on the right where the company that made it is located. Can you help me find the name of the chip so I can I replace it?

Flag format: UMASS{name of chip on website}

Based on the landscape, it’s fairly obvious that we’re in China. However, since China doesn’t have Google Street View coverage, we must look to a domestic alternative: Baidu Maps. Based on the general climate and foliage, we can infer that it it somewhere in the south of the country, likely in the Guangdong province. Based on the fact that we’re looking for a company that makes a flash chip, the company is likely based out of Shenzhen, the tech manufacturing hub of the country. A reverse image search confirms this. We can see an empty space near the hill to the south, which looks like we are near the sea. We can search the coasts of Shenzhen, and find a compatible road setup in the west, near the airport. The office park is in its own segment.

Once we find the location, the office park is 明禧创意园, or Mingxi Creative Park. Searching for “Mingxi Creative Park, flash,” the third result is the correct supplier, ChipSourceTek, but the wrong chip. Searching through their other chips will find it easily: XT25F08B-S.

Pretty much every GeOSINT challenge these days uses either real world images or Google Street View as a base, so I thought it would be a fun idea to force people to look elsewhere to geolocate the given image. Thankfully, there’s a Chinese equivalent to GeoGuessr: 图寻 (Tuxun). They even have a whole guide to the Chinese meta! I had an idea to have players find a flash chip from a toy the club disassembled and attempted to dump the firmware of:

While we weren’t successful in dumping anything as this chip is rather obscure, we did have a lot of fun and it was a good adventure, even if we weren’t successful. And, it led to the wonderful world of niche datasheet sites. I think that they provide a good opportunity for some OSINT-ing to occur, being dense in information, yet easily parsable to get the information needed. I don’t think it will be the last time I use them in my challenges.

Anyway, I’m happy with how my challenges turned out despite the short turnaround period I had to write them. Given the amount of AI solves (and DDOSes) we got this year, expect challenges to be even harder next year. This year’s UMassCTF was decided by a single challenge, next year’s will hopefully have greater margins as we adapt to a landscape that I don’t think anyone is particularly keen about.