CDFG20 Writeup

Yet another CTF writeup! (CDFG20)

CDFG20 Writeup

Yet another Capture The Flag event !! This event was organized by year 2 students at my faculty. Thought their challenges were pretty interesting so here we goooo!


Reversing

Secret

DESCRIPTION

Can you find my secret?

ATTACHED FILES
secret.java(download).

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

Upon inspection of the code, I realized that all the characters of flag are written separately and they are each given a position. After rearranging the characters I was given the flag :)

Flag — — → CDFG20{tH1s_i5_mY_s3cRe7}


Puzzle

DESCRIPTION

Do you like puzzles? Julius sure does!

ATTACHED FILES
ilovepuzzles.java(download).

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

Upon inspection of the code, we see that there are arrays with the puzzle values visible to us. These are hex values. So I proceeded to decode them to ASCII and got this.

Followed by that, I identified the string as a base64 string and decoded it. After that I was able to see the flag format but the values were messed up. I suspected that their might have been rotated. So I used ROT13 and brute forced the flag :)

UFFTVDIwe2NIbU15M19mMHlJM3F9

Flag — — → CDFG20{pUzZl3_s0lV3d}


Assembly

DESCRIPTION

What does asm(0x354) return?

Note: The flag for this challenge will not be in the standard flag format

ATTACHED FILES
asm.s(download).

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

This was the assembly code that I was given. The question was what would asm(0x354) return. If we followed the instructions we would have to add 0x8 to it and then subtract 0x3 from it. I didn't have much experience working with assembly code so I got a lil help from a friend for this one!

Flag — — → CDFG20{0x359}


Cryptography

Rip Headphone User

DESCRIPTION

What is he trying to say?

ATTACHED FILES
Rip_Headphone_Users.wav(download).

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

At first I believed that this was Morse code with a ton of random filters applied to it but I couldn't get anything out of it. Moving on, I got this application called Sonic Visualiser. I read online that I could analyze waveform with it.

After playing around with the software for awhile, I found out that there were 2 audio channels in the wav file. So I pulled up the spectrogram for it and found the flag there!

Layer > Add spectrogram > channel 1

Flag — — → CDFG20{pR37ty_s1mple}


Spaces

DESCRIPTION

So much space.....

ATTACHED FILES
nothingHere.txt(download).

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

At first glace, there was nothing in the file. After using hexdump on the file, this came up. Some google searches later, I arrived at this video by John Hammond.

Followed by that I installed stegsnow on kali and got to work. After some tries..this command gave me the flag.

stegsnow -C nothingHere.txt

Flag — — → CDFG20{b3h0ld_th3_pow3r}


Jack and Jill

DESCRIPTION

Free Flag and a little story.

ATTACHED FILES
lil_story.txt(download)
flag.txt(download)

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

This appeared to be some kinda cipher at first. After some time, I got the following clue from the admins.

Jack and Jill went up the hill.

Couple google searches later, I found out about the hill cipher. However, I needed matrix values to decrypt the flag. This is where I turned to the story. It appeared to have 4 numbers  in them. I used those as matrix values and I got the flag!

After I had gotten the main contents, I substituted the newly found values back into the flag format with the number and I got the flag :)

Flag — — → CDFG20{m0un74in_cl1mbers}


Help me!

DESCRIPTION

We intercepted a secret message from a movie pirate but it's all gibberish?
After looking through the files, there was a wierd_map.txt that stood out but we're not sure what to make of it...

ATTACHED FILES
weird_map.txt(download)
SECRET.txt(download)

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

This appeared to be some kinda random text/script at first glance. After inspection the flag seemed to have been placed in the SECRET.txt file but the alphabets were rotated according to the weird_map.txt  

After substituting the values, I was given the flag.

CDFGq-u4cc_b-nkc_.2,$t:y
CDFG20{b33_m0vi3_scr1pt}

Flag — — → CDFG20{b33_m0vi3_scr1pt}


OSINT

Shameless Self Promotion

DESCRIPTION

Riley has not returned home since Monday. We received an an anonymous tip that she had been murdered by her best friend. Could you help us identify her friend's instagram page? This is Riley's twitter account:

https://twitter.com/RileyPe45209313

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

This challenge was pretty simple. This tweet led me to an Instagram page where I then found the flag.

Flag — — → CDFG20{tpcdfsig}


Misc

nc

DESCRIPTION

What does nc even mean?

nc ctf.cdfguardians.com 8888 nc 13.250.62.61 8888

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

This was a pretty straight forward challenge. I netcat into the port and the server gave me the flag.

Flag — — → CDFG20{nEtc4T_i5_y0uR_b35t_fR13nD}


Secret in Chess

DESCRIPTION

Here lies the secret to win every game.

ATTACHED FILES
chess_is_fun.lpg(download)

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

This appeared to be some kind of steggo so I threw the image into my kali machine and ran strings on it!

[email protected]:~/Downloads# strings chess_is_fun.jpg 

Flag — — → CDFG20{wh3r3_4re_youuuu}


Web

knock knock

DESCRIPTION

Can you help me to find my spare key?

http://ctf.cdfguardians.com:12345/closed.html http://13.250.62.61:12345/closed.html

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

I was overthinking this at the start. All I had to do was to change the URL to open and I got the flag.

Flag — — → CDFG20{1lf3_saverrrr}


knock knock

DESCRIPTION

Can you help me to find my spare key?

http://ctf.cdfguardians.com:12345/closed.html http://13.250.62.61:12345/closed.html

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

This was pretty straight forward too! Looking at the source code of the site gave me the flag!

Flag — — → CDFG20{n0th1ng_1s_fr3e}


And....thats a wrap for CDFG20! :) This was how I solved most of the challenges!

~Nee