EOF{script_kiddie@eofool.com}The challenge description was minimal but clear — we needed to find someone's first GitLab repository. The key was identifying who "he" refers to.
Creator: pandasif
This gave us our first lead: pandasif was likely the person whose GitLab repo we needed to find.
We searched for the user pandasif on GitLab:
https://gitlab.com/pandasifOnce on their profile, we looked for:
We found a repository containing a C++ source file (sk.cpp) that simulated a "script kiddie" attack tool. This matched perfectly with the challenge theme "A Noob's first milestone."
Looking through sk.cpp, we noticed three data arrays used to generate random email addresses:
const vector FIRST_NAMES = {
"olivia","emma","amelia","ava","sophia","charlotte","isabella","mia","luna","harper",
"liam","noah","oliver","elijah","lucas","levi","mason","asher","james","ethan",
"EOF" // ← Hidden here!
};
const vector SURNAMES = {
"smith","johnson","williams","brown","jones","garcia","miller","davis","rodriguez",
"martinez","hernandez","lopez","gonzales","wilson","anderson","thomas","taylor",
"moore","jackson","martin","{script_kiddie" // ← Hidden here!
};
const vector EMAIL_PROVIDERS = {
"gmail.com","outlook.com","yahoo.com","aol.com","yandex.com","eofool.com}" // ← Hidden here!
}; The flag was cleverly hidden across three arrays:
"EOF""{script_kiddie""eofool.com}"When pieced together: EOF{script_kiddie@eofool.com}
Flag: EOF{script_kiddie@eofool.com}
The creator hid the flag in plain sight within the data structures used by the script kiddie simulation tool — a fitting easter egg for a challenge about a "noob's first milestone"!
| Step | Action | Result |
|---|---|---|
| 1 | Identified creator from challenge | Found username: pandasif |
| 2 | Searched GitLab for user profile | Located profile at gitlab.com/pandasif |
| 3 | Found first/early repository | Discovered sk.cpp source code |
| 4 | Analyzed source code arrays | Found flag split across 3 arrays |
| 5 | Reconstructed flag components | Success! |