[SpookyCTF'23] What Have We Found Here...
SpookyCTF'23: What Have We Found Here… As the sun dipped below the horizon, casting long shadows across the barren landscape, I stood alone at the edge of the world. The map had brought me here, to this remote and desolate place, in pursuit of a mystery that had captivated the world's greatest minds. A cryptic message had been found on the ground, a message from the cosmos itself, or so it seemed. It hinted at the existence of extraterrestrial life, hidden within the depths of space. The message, a series of seemingly random characters, held secrets that could change everything we knew about the universe. My task was to decipher it, to unlock its hidden meaning. The characters appeared to be encoded in a complex language, something that I cannot seem to figure out. The key to understanding lay within those symbols, like a cosmic puzzle waiting to be solved. As I gazed up at the starry night sky, seeing the Leo Minor constellation in the sky, I knew that the fate of humanity rested on my ability to decode this enigmatic message, to uncover the truth hidden within the stars. This was a simple cryptography challenge. We are given a text file containing a long string of weird characters.
[RP'23] Ready Player 50 - All Challenges
Ready Player 50 - All Levels The Ready Player 50 Challenge is a collaboration between Lakera’s popular game “Gandalf” and the CS50 course at Harvard University. It contains 7 levels of increasing difficulty, and the goal of it is to make the CS50 Duck reveal the secret password for each level through various methods of prompt injections.
Level 1 Level 1 was indeed very easy, and I had to simply ask the duck for the password.
[TISC'23] Level 1 - Disk Archaeology
TISC'23: Disk Archaeology This was a forensic challenge in TISC, involving the analysis of a disk image. We are provided with a file called challenge.tar.xz which we had to find the hidden flag within the files.
The Challenge Unknown to the world, the sinister organization PALINDROME has been crafting a catastrophic malware that threatens to plunge civilization into chaos. Your mission, if you choose to accept it, is to infiltrate their secret digital lair, a disk image exfiltrated by our spies. This disk holds the key to unraveling their diabolical scheme and preventing the unleashing of a suspected destructive virus. You will be provided with the following file: - md5(challenge.tar.xz) = 80ff51568943a39de4975648e688d6a3 Notes: - challenge.tar.xz decompresses into challenge.img - FLAG FORMAT is TISC{<some text you have to find>} ATTACHED FILES challenge.tar.xz Unzipping the zip file, we have a challenge.img file. Looking at the file type, we can see that it is a Linux filesystem.
[PatriotCTF'23] WPA
Patriot CTF: WPA This was an easy wifi hacking challenge which required the use of a dictionary attack to find out the password of a wifi password. The challenge pcap file can be found here
The Challenge I really need to get on my friends WiFi, but he won't give me the password. I think he thinks I'll mess around on his network. I started a packet capture and left it running a while, I think someone connected to the network before I stopped the capture. Can you help me? Looking at the pcap file, there were 888 packets with the 802.11 protocol, which is the WLAN protocol.
[PatriotCTF'23] ReReCaptcha
Patriot CTF: ReReCaptcha This was an RSA challenge which required the use of OCR (Optical character recognition - converting an image of text into text format).
The Challenge The challenge had a zip file containing four images:
CT.png:
E.png:
P.png:
Q.png:
In RSA (and here),
CT - Ciphertext / Encrypted Message E - Public Exponent (Part of Public Key) that is relatively prime (share no common factors other than 1) to the product of P-1 and Q-1 which is represented by phi P and Q - (Part of private key) Distinct, large prime numbers used in the generation of the RSA key pair. Retrieving Values To retrieve the values from the image, what we had to do was to use OCR to get the values from the image. I used a free OCR tool and uploaded the files.