Brainiac
Challenge
Imported from local notes.md.
Solution
Original Notes
Brainiac
Challenge Summary
- Given: a single attached file named
challenge.txtand a description containingSHA1: 33746b3052f748a9d41f030d2be4f196d02453cb. - Goal: recover a flag in the format
CIT{string}. - Constraints: no remote service or input channel, just static analysis of the attachment.
Initial Recon / Triage
- Observations: the attached file contains only the characters
+,-,<,>,[,], and.. - File identification: that character set is Brainfuck source code.
- Entry points: verify the provided SHA1 against the downloaded file and decode the Brainfuck program.
Hypotheses & Approach
- Hypothesis 1: the given SHA1 is an integrity check for the attachment, not the hash of the flag.
- Hypothesis 2: decoding the Brainfuck source should print the flag directly.
Execution Steps (Reproducible)
Stage 1
Commands:
cd /root/cit2026CTF/Brainiac
sha1sum starting_files/challenge.txt
python3 - <<'PY'
from pathlib import Path
code = Path('starting_files/challenge.txt').read_text().strip()
print('unique chars:', ''.join(sorted(set(code))))
PY
Results:
- The file hash matched the challenge description exactly:
33746b3052f748a9d41f030d2be4f196d02453cb. - The source uses the exact instruction set expected for Brainfuck.
Stage 2
Commands:
cd /root/cit2026CTF/Brainiac/artifacts
python3 solve_brainiac.py
cat decoded_output.txt
Results:
- Decoding the Brainfuck program produced the flag directly.
- The printed output was
CIT{Wh@t_in_th3_w0rld_i$_th1s_l@ngu@g3}.
Artifacts Produced
artifacts/solve_brainiac.py: reusable Brainfuck decoder for this attachment.artifacts/decoded_output.txt: plaintext emitted by the program.
Flag
CIT{Wh@t_in_th3_w0rld_i$_th1s_l@ngu@g3}