[Cyber Apoc '24] Dynastic
Dynastic This was a crypto challenge where we are given a Python script (encryption algo) and the output text file (cipher). The given files can be found here.
Description You find yourself trapped inside a sealed gas chamber, and suddenly, the air is pierced by the sound of a distorted voice played through a pre-recorded tape. Through this eerie transmission, you discover that within the next 15 minutes, this very chamber will be inundated with lethal hydrogen cyanide.
[Cyber Apoc '24] Urgent
Urgent This was an email forensics challenge where we are given an EML message file and are required to extract the flag from it. The given file can be found here.
Description In the midst of Cybercity’s “Fray,” a phishing attack targets its factions, sparking chaos. As they decode the email, cyber sleuths race to trace its source, under a tight deadline. Their mission: unmask the attacker and restore order to the city.
[Cyber Apoc '24] Quantum Conundrum
Quantum Conundrum This was my first quantum-related CTF challenge which I was hoping to use quantum computing concepts to solve. The intended solution required one to implement a quantum teleportation algorithm, which I could not comprehend and ended up exploiting an insecure eval to achieve RCE.
Description KORP™, the heartless corporation orchestrating our battles in The Fray, has pushed us to our limits. Refusing to be a pawn in their twisted game, I’ve learned of a factionless rebel alliance plotting to dismantle KORP™.
[Hack@AC'24] Libwary
Libwary This was an interesting PHP challenge showcasing the potential impacts of insecure deserialization.
Description Try to read the flag from The Libwary. (Impossible)
The source code for this challenge can be found here.
Spotting the Vulnerability When looking at index.php, we see that our user object is deserialized from the PHPSESSID cookie. Deserializing user input is always a huge no-no, as users can send specially crafted payload to pwn the server.
[Hack@AC'24] HackMe:)
Hack@AC'24: HackMe:) This was a forensics challenge that provided a WireShark capture of wifi traffic. The challenge was to find the flag from the capture via wifi hacking.
Hack me :) by sawntoe Hack me if you can :) 11 Solves | 1000 Points The Challenge Opening the file in Wireshark, we can see that there a huge number of packets - 12,200 to be exact. It’ll be quite a hassle to go through all of them at this point, so we should probably analyse the whole situation first.