Welcome Presentation

Details

CATEGORY: forensics OBSERVED DIFFICULTY: 1/5 CTF: Unnamed

Challange

[Text lost but we are given a pptx file]

Solution

We are given a powerpoint presentation, when viewd it is empty.

We can explore the contents of the file by renaming it as a .zip file and extracting it with the unzip command.

Looking around, we find a file named "hidden", inside is the flag base64 encoded.

--1103

The Wizarding World of Crypto

Details

CATEGORY: crypto OBSERVED DIFFICULTY: 2/5 CTF: Unnamed

Challange

[Text lost but we are given a netcat ip/port]

Solution

We are given morse code after conecting and told it is a name.

If we decrypt it, we are given N, e & c, RSA paramters.

After running a few attacks with rsactftool we find that a cube-root attack works most of the time.

Decrypting the c value we get some scrabeled text, probably a rot-13 cypher.

Conter-rotating the text, we get a human name!

If we send this back we are given another morse code sequence.

So we don't get timed out, we use the folowing code:

import base64 as b import re from pwn import * from subprocess import run import codecs # Dictionary representing the morse code chart MORSE_CODE_DICT = { 'A':'.-', 'B':'-...', 'C':'-.-.', 'D':'-..', 'E':'.', 'F':'..-.', 'G':'--.', 'H':'....', 'I':'..', 'J':'.---', 'K':'-.-', 'L':'.-..', 'M':'--', 'N':'-.', 'O':'---', 'P':'.--.', 'Q':'--.-', 'R':'.-.', 'S':'...', 'T':'-', 'U':'..-', 'V':'...-', 'W':'.--', 'X':'-..-', 'Y':'-.--', 'Z':'--..', '1':'.----', '2':'..---', '3':'...--', '4':'....-', '5':'.....', '6':'-....', '7':'--...', '8':'---..', '9':'----.', '0':'-----', ', ':'--..--', '.':'.-.-.-', '?':'..--..', '/':'-..-.', '-':'-....-', '(':'-.--.', ')':'-.--.-'} # Function to encrypt the string # according to the morse code chart def encrypt(message): cipher = '' for letter in message: if letter != ' ': # Looks up the dictionary and adds the # corresponding morse code # along with a space to separate # morse codes for different characters cipher += MORSE_CODE_DICT[letter] + ' ' else: # 1 space indicates different characters # and 2 indicates different words cipher += ' ' return cipher # Function to decrypt the string # from morse to english def decrypt(message): # extra space added at the end to access the # last morse code message += ' ' decipher = '' citext = '' for letter in message: # checks for space if (letter != ' '): # counter to keep track of space i = 0 # storing morse code of a single character citext += letter # in case of space else: # if i = 1 that indicates a new character i += 1 # if i = 2 that indicates a new word if i == 2 : # adding space to separate words decipher += ' ' else: # accessing the keys using their values (reverse of encryption) decipher += list(MORSE_CODE_DICT.keys())[list(MORSE_CODE_DICT .values()).index(citext)] citext = '' return decipher p = remote('[redacted]', 2226) p.readuntil("What does this mean?\r\n") mors = p.recvuntil(' \r\n>>') p.writeline(b'[redacted]') # print(mors) for x in range(5): p.readuntil("What does this mean?\r\n") mors = p.recvuntil(' \r\n>>') mors = mors[:-5] mors = mors.decode("utf-8") mors = mors.replace("/", "-..-. ") mors = decrypt(mors) mors = mors.split("/") tmp = [chr(int(x)) for x in mors] tmp = "".join(tmp) tmp = b.b64decode(tmp) tmp = tmp.splitlines() N = tmp[0][4:].decode("utf-8") e = tmp[1][4:].decode("utf-8") c = tmp[2][4:].decode("utf-8") t = run(f"rsatool --private --attack cube_root --verbosity DEBUG --timeout 5 -n {N} -e {e} --uncipher {c}", shell=True, capture_output=True, encoding="utf-8") #print(t.stdout) m = re.search("utf-8 : (.*)", t.stdout) print(m[1]) tmp = codecs.decode(m[1], "rot_13") print(tmp) tmp = tmp.replace("\x1b[0z", "") tmp = tmp.encode("ascii") print(tmp) p.writeline(tmp) while True: print(p.readline())

--1103

SpaceWars

Details

CATEGORY: misc OBSERVED DIFFICULTY: 1/5 CTF: Unnamed

Challange

[Text lost but we are given one file]

Solution

The file appears to be empty, but on closer inspection contains lots of whitspace (tabs, newlines, ect). This is likely the whitespace esolang.

The flag is found by running the "code" with a whitespace intepreter.

--1103

Back to the basics

Details

CATEGORY: pwn OBSERVED DIFFICULTY: 1/5 CTF: Unnamed

Challange

[Text lost but we are given two files]

Solution

If we look at the first file we see it is ELF, if we de-compile it with cutter we see the flowing:

So this appears to scramble input text by taking each char and mutiplying it by ’\x02’.

If we look at the second file we see scrabled text, this is probably our flag.

We can unscrable it with the folowing code:

import re print((ord("N") * ord('\x02'))) with open("output") as f: i = f.readlines() i = [int(x, 16) for x in i] print(i) i = [(x//ord('\x02')) for x in i] print(i) i = [(chr(x)) for x in i] i = "".join(i) print(i)

--1103