Categories
Cryptography m0lecon Quals

“CryptoGolf”

We are given: server.py: Note from writeup writers: limits were actually imported from a file that was not given. Their values were released as a hint, so we added their known specified values here Our task is essentially the following: perform at most lim1 – 1 encryptions and send the decrypted challenge, so we need […]

Categories
Forensics Houseplant CTF 2020

“Ezoterik”

Step 1: Waste half an hour transcribing the BF code in the image. Step 2: Discard it all. If you run strings ezoterik.jpg or inspect the image in a hex editor, you will see a suspicious ASCII string at the end: 2TLEdubBbS21p7u3AUWQpj1TB98gUrgHFAiFZmbeJ8qZFb9qCUc8Qp6o86eJYkrm2NLexkSDyRYd3X9sRCRKJzoZnDtrWZKcHPxjoRaFPHfmeUyoxyyWQtiqEgdJR1WU4ywAYqRq7o55XLUgmdit6svgviN8qy72wvLvT2eWjECbqHdrKa2WjiAEvgaGxVedY8SRXXcU9JbP5Ps3RY2ieejz6DrF9NBD7mri2wrsyDs9gpVgosxnYPbwjGdmsq7GwudbqtJ7SeKgaStmygyfPast5F3ZKL9KeC2LzCeenffoZ4d4Cna7TZdkUsfdK1HNmoB46fo9jK5ENQwnWdPmZBnZ4h8uDxHpQF74rs3wPcpmch6Byu31och1cyz8JxgXkacHpTrGeAN2bEhRp8kDQpmPtj9QqaAgxTbam9hoB4mvtrRmRx5GnzzZoWW5qDxwMvgKCYWiLwtLcvjDZPNdHGbvFspFeCq7kBcTeyrjYeHxuwwwM1GpdwMdxzNiFK1jYkA4DUZRohuKxeyhBFiY9HuwD6zKf9nZMThoYwTGhAJR2d3GqVqXGsivAKLs1oBzrmH9V6vaMwAjM7Hu69TLfKHtZUThoiEDftxPJdraNxoQps3mFamNbT1U3kRdpAz5s5kq6i2jLBUjBjAdV9N8jWNqx4RgiaHTW5qqb8E6JvHgQyrVkLmMdsjoLAWaWZLRw2pQpBJehRsx1LU6wmAC1nfeLbdQxPmytaMUURBDhHVqPNxwThCzZsnA9RuKrYWGsmyTxCzVUEjvUXaU4hkoV62qn7G1TnVRiADNhRfMnxm8R2ZoSPxEhVaFyHvLweq For no reason whatsoever besides the fact that it’s in CyberChef, you try […]

Categories
Cryptography Houseplant CTF 2020

“…. .- .-.. ..-.”

I am extremely surprised this was the hardest challenge. The title is morse code for the word “half”, which makes you think of fractions and morse, in other words the Fractionated Morse Code cipher. Even if you haven’t heard of it, searching “half morse” on Google gives you the same result. Decrypting it using a […]

Categories
OSINT UMD CTF

“SpaceY Dump”

SpaceY Dump was a fairly high marks question in the Misc category for UMDCTF 2020. The goal is to try and unmask the anonymous Twitter user claiming responsibility for a hack and subsequent data leak. So immediately we know that this is an OSINT question, we need to analyze this user’s digital footprint to ascertain whether […]

Categories
UMD CTF Web Exploitation

“SignStealingSoftware-P2”

Challenge Problem : “We are now in the system! Looks like the developers are still there, now we just need to find the key so we can create more user accounts, so our team can steal all the signs! http://159.89.228.183:8081“ When we login into the given domain, we can immediately spot an LFI vulnerability in […]

Categories
Cryptography UMD CTF

“Low Effort Required”

We see that this is RSA, except e is really low (5) as hinted by the title Low E… so we just take the fifth root of the ciphertext to decode it and get the flag. UMDCTF-{f1x_y0ur_3xp0s} Fun fact: this writeup was also low effort required

Categories
hexionCTF 2020 Reverse Engineering

“PIL”

A BMP image and C# bytecode file are provided. One of my teammates used a decompiler from JetBrains to recover the original C# program. See here: https://pastebin.com/aHMP04xj I wrote a python program to emulate what the C# program does, since I don’t know C# and didn’t want to have to keep checking the docs to […]

Categories
hexionCTF 2020 Reverse Engineering

“Nameless”

Challenge Problem : “Strip my statically linked clothes off” The given executable is statically linked and stripped which means reversing will be a bit tougher. However, “main” isn’t too complicated and so we’ll be able to guess what functions are used. Unique disassembled functions from top to bottom: syscall with eax=0xc9 (time syscall) – time. […]

Categories
hexionCTF 2020 Miscellaneous

“T&J”

We are given jerry.pcapng, which is a pcap of USB mouse movement. (This took my team and I way longer to figure out than it should have, given that Jerry from Tom and Jerry is a mouse.) My team found a script at https://github.com/WangYihang/UsbMiceDataHacker which I used. The script had to be ported from python2 […]

Categories
hexionCTF 2020 Miscellaneous

“Hmmm”

Problem Description : 🤔Note: anime girl isn’t the flag In this problem, we are given a file called “hmmm”. First, lets try to execute it. As you can see on the left, this is the image that the file prints. Lets take a closer look into the actual file. You can open it up in […]