Cryptography

Miscellaneous

Forensics

50

50

50

100
100 150 350

100
150 200 1000

100
100 200 500 Adithya Naresh [ x7r0n] ctfwriteups.blogspot.in

Cryptography The science of hiding information

Menu

Question

Question 1 :
I rotated the wheel 13 times to find the answer. What would you do ? Cipher text ->
"Pnrfre pvcure vf fuvsg ol 3 naq gur vqrn jnf pbcvrq sbe ebg13,ivtrarer naq ybnqf bs gurz.Gur xrl vf "OVATVFABGTBBTYR".

Answer

Key : Caesar cipher Caesar cipher is shift by 3 and the idea was copied for rot13,vigenere and loads of them. The key is "BINGISNOTGOOGLE.

Question

Question 2 : When i was checking the history of my friends comp.I found this link and a file in which this text was there.I need his credentials to look at what he spoke to his friend in facebook. http://pastebin.com/qLjHmByH O gsk elim eci gci bkewbm es jkkoy oy qg vxsrkyxqtrg.W czrb ekh wz sexikb.Pae m vxkr hu ciuxspsx lrl mnwg od xpx ubze heg.B rcjk es amgfs ge qqkxcf lzv phafg. geril::yoazdmzai

Answer

Step 1 : http://pastebin.com/qLjHmByH Step 2 : http://www.base64decode.org/ Step 3 : If at all i was given a vigenere cipher to encode i would keep my key as "GOOGLEIT Step 4 : I see that you are trying to break in my credentials.I wont let it happen.But i need to remember and this is the only way.I love to stare at mirror for hours. atnas::samtsirhc Step 5 : santa:christmas

Question

Question 3 :
#!/usr/bin/python import random a = random.randint(1,9) b = raw_input('Please Enter your message: ') d = [] for x in b: c = ord(x) c = c-a d.append(c) print d Find out what the encrypted text contains [71, 72, 77, 25, 79, 62, 75, 82, 25, 76, 62, 60, 78, 75, 62]

Answer

#!usr/bin/env python a=['71','72','77','25','79','62','75','82','25','76','62','60','78','7 5','62'] for i in range (1,10) : string1 = "" for j in a : string = int(j)+i print string string1 = string1 + chr(string) print string1,'\n

Answer : NOT VERY SECURE

Question

Question 4 : All i know is that a bitwise operation leads you to the key String1 = "Psifer" String2 = "?????" -----------------8 28 59 45 86 11 ------------------

Answer

#! usr/bin/env python string1 = "Psifer" string2 = "" ans = ["8","28","59","45","86","11"] str1 = "" k =0 for j in string1 : temp1 = ord(j) temp2 = int(ans[k]) for i in range(0,255): if(temp1 ^ i == temp2): str1 = str1 + chr(i) k = k+1 print str1 Answer : XoRK3y

Question

Question 5 :
Three best friends were sending messages to each other. After inspecting one of their computers we found a weird file called "ThisWillHelpThePublic.txt" having the content (361852223106461371121,23) We also found the file "TopSecret.txt" having its content: 298047296965971580870 208973156525516921811 338748949584784162292 011602936757302327193 Our group of trained crackers cracked this and got us some insane random output... But that won't do for us! Help us derive a plain text!

Answer

Step 1 : read about RSA Step 2 : n = 361852223106461371121 , e= 23 Step 3 : use online tools or cryptool to factorize Step 4 : find d Step 5 : find the message Step 6 : Look at the hash,find its length..Its a MD5 hash
P = 535316821148119 Q = 675959 d = 125861456622483320711 Hash = 5cb1992a656eab10601aac8f6d2a7f4e Answer = warp1234

Miscellaneous Mixed or some basic skills in hacking.

Question

Question 1 : I got a pdf on George_Hotz..what you dont know him ??? you better read about him :-)

Answer

Question

Question 2 : I found this video . But it hides some password. Could you tell me please.

Answer

Question

Hey!! :-( My Gmail has been compromised. The hacker sent me this image to my other account and told me to find the username and password in this. I heard you are good in this. Help me!

Answer

Link : gif-explode.com Base-64 : dG9ueV9zdGFyazo6aXJvbm1hbg== Answer : tony_stark::ironman

Question

Password... password... watcha gonna do? Watcha gonna do when I crack for you!

Answer

Question

Heyaaaa..rar has the description :-) happy hacking :) Flag Format : flag1,flag2,flag3,..

Answer

Flag1 : Zip crackingDictionary attack.

You get a barcode image. Decode it to get the flag. FLAG : SN0WD3N

Answer

Flag 2 : You are given a hint of bull fighting. Spain is what you think of. Translate the given text and you get to know that its a paste bin link.

In Spanish pasta means paste and papelera means bin.

Pastebin.com/5Af829JP FLAG : p@st3b!n

Answer

Flag 3 : Hint given is QWERTY Hover over the letters in your keyboard and you can visualize that each word is a letter. Rdxtgf p Wsxdrfvgy w Edcrtgb n Yhngvb d

FLAG : p_w_n_d

Answer

Flag 4 : Given is a brainfuck encoded text. Decoding gives : niNe - Nine - z3r0 - z3r0 - tw0 tw0 - z3r0 - e!gh7 - tWo - f0uR Who am i ?? flag is first name.

Truecaller helps you find the phone number 9900220824 FLAG : yogeesh

Answer

Flag 5 : It is clear in that question that its a steganography challenge. So the information is hidden inside pdf.
A quick google search of how to hide files in pdf leads to a lifehacker website which tells about this tool called http://wbstego.wbailer.com/. Decoding the pdf gives a text file , opening which you find FLAG{"St3g0_haX0r"} FLAG : St3g0_haX0r

Answer

Flag 6 : Hint given is a youtube video. https://www.youtube.com/watch?v=-zVgWpVXb64 A quick google about the quote my voice is my passport gives the answer as WERNERBRANDES FLAG : WERNERBRANDES

1000 pts awarded

Forensics Identifying,Preserving,Recovering,Analyzin g the information.

Question

Rumors have it that the teacher activated special firmwares for her favorite student, and has given him special user account. So I started sniffing around his network and got this file. See if you can help me retrieve the serial number of his firmware so that we can compare our stuff with his and bring this issue up front!

Answer

Flag : DNA-A201UB1AF10750738300

Question

Ok ok... So someone told me you are really good and stuff! So now I challenge you. Here is a file with my username and password. If you get my username and password right, you can then have my command and control server. And if you can not, you need to accept to surrender to my awesomeness!

Answer

User : Sandy Pass : P@ssw0rd

Question

Council of Aristocrats found out about a small bunch of techies who have developed an app on Facebook for people to share their views over the government, The council doesn't like this. They have hired you to investigate over this app and find out where it is hosted. (i.e find the IP address of the app). Note: If the ip you found is 87.43.43.98 then IP_ADDR should be 87.43.0.0 flag_format: IP_ADDR::DOMAIN_NAME Link: https://apps.facebook.com/confessinator/

Answer

Step 1 : View page source frame of the app. Step 2 : Look at the url and you find the domain. Step 3 : using cmd -> ping ethereal-app259.appspot.com -> you would find the ip to be 74.125.200.141 Step 4 : As in the question its clearly mentioned so the ip we need would be 74.125.0.0 FLAG : 74.125.0.0::ethereal-app-259.appspot.com

Question

I get this stupid image wherever I go. I so wish barcode was there. I don't understand how this image looks like. Can you fix it and tell me what it means??

Answer

Step 1 : Look closely how would a qr code look. Step 2 : keep the corners as the reference and attach it. FLAG : 055d561073b56e4155f04aa0e753f68c

Question

All hail the forensics expert! I have no idea what can be done with this file that I got on my brother's laptop! Can have a look at the rest of them and let me know please!

Answer

This challenge was to get you practiced with file command or TRiD.Extract the rar file you are given. You find each file type to be unknown. Use the command file filename(your file) to view what kind of file it is. Example : First file is a .bmp file which loaded in paint or any image viewer will fetch you the password firstpart. (Try it now)
Password for Final File:firstpartzipitselfextractingpart4rulez You get : The password you need is : 4c 75 6d 69 61 5f 35 32 30 Convert the hex to ascii and the FLAG is : Lumia_520

Thank you. Hope you enjoyed the CTF