The first executable stringcheese is very easy:

Text:

I'm something of a cheese connoisseur myself. If you can guess my favorite flavor of string cheese, I'll even give you a flag. Of course, since I'm lazy and socially inept, I slapped together a program to do the verification for me.

Connect to my service at nc lac.tf 31131

Note: The attached binary is the exact same as the one executing on the remote server.

; Attributes: bp-based frame

; int __cdecl main(int argc, const char **argv, const char **envp)
public main
main proc near

s= byte ptr -100h

; __unwind {
push    rbp
mov     rbp, rsp
sub     rsp, 100h
lea     rdi, format     ; "What's my favorite flavor of string che"...
mov     eax, 0
call    _printf
mov     rax, cs:__bss_start
mov     rdi, rax        ; stream
call    _fflush
mov     rdx, cs:stdin@GLIBC_2_2_5 ; stream
lea     rax, [rbp+s]
mov     esi, 100h       ; n
mov     rdi, rax        ; s
call    _fgets
lea     rax, [rbp+s]
lea     rsi, reject     ; "\n"
mov     rdi, rax        ; s
call    _strcspn
mov     [rbp+rax+s], 0
lea     rax, [rbp+s]
lea     rsi, s2         ; "blueberry"
mov     rdi, rax        ; s1
call    _strcmp
test    eax, eax
jnz     short loc_12B6

The password is blueberry. Afterwards:

What's my favorite flavor of string cheese? blueberry
...how did you know? That isn't even a real flavor...
Well I guess I should give you the flag now...
lactf{d0n7_m4k3_fun_0f_my_t4st3_1n_ch33s3}

rev/caterpillar aplet123 381 solves / 203 points -~-~-~-~[]? -~-~-~-~[].

This challenge is solved bycounting the -~ symbols and then recreating the number they represent.

The next challenge is Finals simulator:

rev/finals-simulator
aplet123
294 solves / 270 points

Don't you love taking finals? Don't you wish you could do it not only during finals week, but during every week? Fret no more, Finals Simulator 2023 has got your back! If you install now and get an A+ on your simulated final, you'll even get the limited time Flag DLC for free! Also, after numerous reports of cheating we've installed an anti-cheating mechanism so people actually have to solve the problem.

Connect to it at nc lac.tf 31132

The first answers are obvious.

The last one is encrypted:

We brute force the chars one by one and get the answer:

The last challenge is figuring out the flag in a comparing loop:

CTFD_PLUS:

rev/ctfd-plus aplet123 162 solves / 391 points

CTFd is too insufferably slow. You know why? Because they use an SQL database that’s bogged down by JOINs instead of a web scale database like MongoDB. MongoDB is web scale. You turn it on and it scales right up. You know what’s more web scale though? Nothing. That’s right, the throughput of /dev/null is off the charts. Behold, CTFd+, the first databaseless CTF platform. Can you get the flag for the only challenge?

The encryption function is:

We put a breakpoint at the end of the function and get the flag chars one by one on compare we make sure to modify the cmp function as to return success every time the comparison is