Hacs workshop

Cryptography

50

100

100

150

350

Miscellaneous

50

100

150

200

1000

Forensics

50

100

100

200

500Adithya Naresh[ x7r0n]ctfwriteups.blogspot.in

Cryptography – The science of hiding information

Menu

Quest

ion

Question 1 :I rotated the wheel 13 times to find the answer. What

would you do ?Cipher text ->

"Pnrfre pvcure vf fuvsg ol 3 naq gur vqrn jnf pbcvrq sbe ebg13,ivtrarer naq ybnqf bs gurz.Gur xrl vf

"OVATVFABGTBBTYR".

50Menu

Answ

er

Key : Caesar cipherCaesar cipher is shift by 3 and the idea was copied for rot13,vigenere and loads of them. The key is "BINGISNOTGOOGLE“.

50 pts awardedMenu

Quest

ion

Question 2 :When i was checking the history of my friends comp.I found this link and a file in which this text was there.I need his credentials to look at what he spoke to his friend in facebook.http://pastebin.com/qLjHmByH O gsk elim eci gci bkewbm es jkkoy oy qg vxsrkyxqtrg.W czrb ekh wz sexikb.Pae m vxkr hu ciuxspsx lrl mnwg od xpx ubze heg.B rcjk es amgfs ge qqkxcf lzv phafg. geril::yoazdmzai

100Menu

Answ

er

Step 1 : http://pastebin.com/qLjHmByHStep 2 : http://www.base64decode.org/Step 3 : If at all i was given a vigenere cipher to encode i would keep my key as "GOOGLEIT“Step 4 : I see that you are trying to break in my credentials.I wont let it happen.But i need to remember and this is the only way.I love to stare at mirror for hours. atnas::samtsirhc Step 5 : santa:christmas

100 pts awardedMenu

Quest

ion

Question 3 :#!/usr/bin/pythonimport random a = random.randint(1,9)b = raw_input('Please Enter your message: ')d = []for x in b: c = ord(x) c = c-a d.append(c)print dFind out what the encrypted text contains [71, 72, 77, 25, 79, 62, 75, 82, 25, 76, 62, 60, 78, 75, 62]

100Menu

Answ

er

#!usr/bin/env pythona=['71','72','77','25','79','62','75','82','25','76','62','60','78','75','62']for i in range (1,10) :

string1 = ""for j in a :

string = int(j)+iprint stringstring1 = string1 + chr(string)

print string1,'\n‘

Answer : NOT VERY SECURE

100 pts awardedMenu

Quest

ion

Question 4 :All i know is that a bitwise operation leads you to the key String1 = "Psifer"String2 = "?????"------------------8 28 59 45 86 11------------------

150Menu

Answ

er

#! usr/bin/env pythonstring1 = "Psifer"string2 = ""ans = ["8","28","59","45","86","11"]str1 = ""k =0for j in string1 :

temp1 = ord(j)temp2 = int(ans[k])for i in range(0,255):

if(temp1 ^ i == temp2):str1 = str1 + chr(i)k = k+1

print str1

Answer : XoRK3y

150 pts awardedMenu

Quest

ion

Question 5 :Three best friends were sending messages to each other. After inspecting one of their computers we found a weird file called "ThisWillHelpThePublic.txt" having the content (361852223106461371121,23) We also found the file "TopSecret.txt" having its content: 298047296965971580870 208973156525516921811 338748949584784162292 011602936757302327193 Our group of trained crackers cracked this and got us some insane random output... But that won't do for us! Help us derive a plain text!

350Menu

Answ

er

Step 1 : read about RSAStep 2 : n = 361852223106461371121 , e= 23Step 3 : use online tools or cryptool to factorizeStep 4 : find dStep 5 : find the message Step 6 : Look at the hash,find its length..Its a MD5 hash

P = 535316821148119 Q = 675959 d = 125861456622483320711 Hash = 5cb1992a656eab10601aac8f6d2a7f4eAnswer = warp1234

350 pts awardedMenu

Miscellaneous – Mixed or some basic skills in hacking.

Quest

ion

Question 1 :I got a pdf on George_Hotz..what you dont know him ??? you better read about him :-)

50Menu

Answ

er

50 pts awardedMenu

Quest

ion

Question 2 :I found this video . But it hides some password. Could you tell me please.

100Menu

Answ

er

100 pts awardedMenu

Quest

ion

Hey!! :-( My Gmail has been compromised. The hacker sent me this image to my other account and told me to find the username and password in this. I heard you are good in this. Help me!

150Menu

Answ

er

150 pts awardedMenu

Link : gif-explode.comBase-64 : dG9ueV9zdGFyazo6aXJvbm1hbg==Answer : tony_stark::ironman

Quest

ion

Password... password... watcha gonna do? Watcha gonna do when I crack for you!

200Menu

Answ

er

200 pts awardedMenu

Quest

ion

Heyaaaa..rar has the description :-) happy hacking :-)Flag Format : flag1,flag2,flag3,..

50Menu

Answ

er

Flag1 : Zip cracking…Dictionary attack.

Menu

You get a barcode image. Decode it to get the flag.FLAG : SN0WD3N

Answ

er

Flag 2 : You are given a hint of bull fighting. Spain is what you think of. Translate the given text and you get to know that it’s a paste bin link.

In Spanish pasta means paste and papelera means bin.

Pastebin.com/5Af829JP

FLAG : p@st3b!n

Menu

Answ

er

Flag 3 : Hint given is ‘QWERTY’Hover over the letters in your keyboard and you can visualize that each word is a letter.

Rdxtgf pWsxdrfvgy wEdcrtgb nYhngvb d

FLAG : p_w_n_d

Menu

Answ

er

Flag 4 : Given is a brainfuck encoded text.Decoding gives : “niNe - Nine - z3r0 - z3r0 - tw0 - tw0 - z3r0 - e!gh7 - tWo - f0uR

Who am i ?? flag is first name.”

Truecaller helps you find the phone number “9900220824”

FLAG : yogeesh

Menu

Answ

er

Flag 5 : It is clear in that question that it’s a steganography challenge. So the information is hidden inside pdf.

A quick google search of how to hide files in pdf leads to a lifehacker website which tells about this tool called http://wbstego.wbailer.com/.

Decoding the pdf gives a text file , opening which you find FLAG{"St3g0_haX0r"}

FLAG : St3g0_haX0r

Menu

Answ

er

Flag 6 : Hint given is a youtube video.https://www.youtube.com/watch?v=-zVgWpVXb64

A quick google about the quote “my voice is my passport” gives the answer as “WERNERBRANDES”

FLAG : WERNERBRANDES

Menu 1000 pts awarded

Forensics – Identifying,Preserving,Recovering,Analyzing the information.

Quest

ion

Rumors have it that the teacher activated special firmwares for her favorite student, and has given him special user account. So I started sniffing around his network and got this file. See if you can help me retrieve the serial number of his firmware so that we can compare our stuff with his and bring this issue up front!

50Menu

Answ

er

50 pts awardedMenu

Flag : DNA-A201UB1AF10750738300

Quest

ion

Ok ok... So someone told me you are really good and stuff! So now I challenge you. Here is a file with my username and password. If you get my username and password right, you can then have my command and control server. And if you can not, you need to accept to surrender to my awesomeness!

100Menu

Answ

er

100 pts awardedMenu

User : Sandy Pass : P@ssw0rd

Quest

ion

Council of Aristocrats found out about a small bunch of techies who have developed an app on Facebook for people to share their views over the government, The council doesn't like this. They have hired you to investigate over this app and find out where it is hosted. (i.e find the IP address of the app).Note: If the ip you found is 87.43.43.98 then IP_ADDR should be 87.43.0.0flag_format: IP_ADDR::DOMAIN_NAMELink: https://apps.facebook.com/confessinator/

100Menu

Answ

er

Step 1 : View page source frame of the app.Step 2 : Look at the url and you find the domain.Step 3 : using cmd -> ping ethereal-app-259.appspot.com -> you would find the ip to be “74.125.200.141”Step 4 : As in the question its clearly mentioned so the ip we need would be 74.125.0.0

FLAG : 74.125.0.0::ethereal-app-259.appspot.com

100 pts awardedMenu

Quest

ion

I get this stupid image wherever I go. I so wish barcode was there. I don't understand how this image looks like. Can you fix it and tell me what it means??

200Menu

Answ

er

Step 1 : Look closely how would a qr code look.Step 2 : keep the corners as the reference and attach it.

FLAG : 055d561073b56e4155f04aa0e753f68c

200 pts awardedMenu

Quest

ion

All hail the forensics expert! I have no idea what can be done with this file that I got on my brother's laptop! Can have a look at the rest of them and let me know please!

500Menu

Answ

er

This challenge was to get you practiced with file command or TRiD.Extract the rar file you are given.You find each file type to be unknown. Use the command “file filename(your file)” to view what kind of file it is.Example : First file is a .bmp file which loaded in paint or any image viewer will fetch you the password “firstpart”. (Try it now)

Password for Final File:firstpartzipitselfextractingpart4rulezYou get : The password you need is : 4c 75 6d 69 61 5f 35 32 30Convert the hex to ascii and the FLAG is : Lumia_520

500 pts awardedMenu

Thank you. Hope you enjoyed the CTF