What looks like binary, but isn't?

Whilst doing a CTF, I came across a crypto challenge similar to the following that looked like binary:

11111111110010001010101110101111111010111111111101101101101100000110100100101111111111111100101001011110010100000000000010100110111100101001001011111111111001010011111111111111100101001011100101000101011110010100000000000000000000000000010101110010100111110010100110010100101111100101001010010100110111111111111111111111111111100101001111111111111111111111110010100100100000000000000000000000000000000000000000000000000000000000000000000000010100100000000000000000000000000000000000000000000010100010101111111001010000000000001010111111111111111001010

After it failed decoding AS binary, I tried the Magic option on CyberChef which failed, and several variations of the Baconian cipher - Which also failed.

After much searching and many failings, I came across Spoon - An esoteric programming language whose code looks like binary. A quick Google search led me to this online interpreter from dCode. Pasting in the text and clicking the "Execute" button got me the result I needed!

The one honest VPN video on YouTube

Exploiting Webmin 1.890 through cURL

In a recent CTF, I came across a legacy version of Webmin with a Metasploit module. I prefer to do things without Metasploit, so decided to use cURL.

In the above, you can see that Webmin is running by the page title - "Login to Webmin" and the version - "Server: MiniServ/1.890"

This specific version of Webmin has a backdoor with an associated Metasploit Module. The exploit looked easy enough, so I decided to do it manually.

Basic code execution.

We're already root...

And there's the flag. I won't cat it in this post, but there you go.