Tricky Drey

NCC CTF 2025 (8th)

June 27, 2025

WE PLACED 8th IN THE COUNTRY! RAHHHH

Here are my 3 key takeways from this conference + CTF!

  1. While placing 8th nationally is something I’m incredibly proud of, this CTF reminded me that the real win is pushing beyond your previous limits. The challenges exposed knowledge gaps, demanded quick thinking, and forced me to adapt in real time. I walked away knowing there’s still so much more to learn and that in CTFs, it’s not about being perfect. It’s about practicing consistently and chasing progress. That is what it takes to become one of the best.

  2. At the end of the day, cybersecurity isn’t just about tools or exploits, it’s about people. This conference introduced me to individuals who were not only technically brilliant, but also incredibly welcoming. Over just two days, I met people who mentored, shared knowledge, and offered real inspiration. Whether it was hearing their journeys or receiving tips for mine, one thing was clear: this community genuinely wants to help. It’s humans taking care of other humans. This makes the community so special.

  3. Opportunities like this are rare and priceless. When one comes your way, you can’t go halfway. You go all in. As students, every dollar matters. That’s why a few of us decided to camp out in Banff, sleeping in tents or even in the car just to make it work. Because to grow and become your best self. Whether in tech or in life, you have to get uncomfortable. The person you want to become? They’re waiting just on the other side of discomfort.

forensics 100 (Edge case)

You just had to look at the code. When I was inspecting the code on my WSL using vim, there seemed to be a lot of empty space between the code and something else.

So when you cat the script, you’re able to see a bunch of random ASCII-like patterns. At the end of the pattern, there was an encoded string in base64.

the command I had used was.

bash: cat -A {filename}

with this I went to a website that decodes base64 and I got the flag.

flag = nccctf{oFF_7h3_GriD_WE_fR3ak!n9_gO}

Misc 100 (VCS)

For this challenge, we had to download a .tar.gz file. At first, I wasn’t sure what “VCS” meant in a software development context—but after a quick check, I realized it stood for Version Control System.

From there, I started looking into how to search through Git logs. I dug through various code snippets and commit messages, but all the pushes and changes yielded nothing. I even checked for deleted files, but still came up empty.

Eventually, I installed qpdf and started grepping through the Git files, looking specifically for anything that started with nccctf. That led me to the hidden flag.

flag = nccctf{n0_c0mm1t_n0_tr4c3}