DSCI-EY CTF (2020) Writeup Part-1
Hi guys, It’s been a long time since I wrote anything, was busy with multiple things going on. Me and Nipun(My Classmate from College) participated in one of the CTF after a long time. It was organized by DSCI and EY and it was hosted on CTFd, the same platform we hosted our CTF on. Around 120 teams participated in a group of 2. We came 24th but we learned a lot(Me Specifically). It was fun, some challenges were really good and creatives.
Following categories were there:
* Buffer Overflow
* Cryptography
* Forensics
* Mobile
* OSINT
* Password Cracking
* Programing
* Reverse Engineering
* Stenography
* System Hacking.
So let’s get this party started
Buffer Overflow
* Too Much of anything is good for nothing
It was simple, Nipun already had a file with large input. He connected to the server and gave the same input. After a while boom, the server just spitted out the flag. We were like what!!! We actually didn’t expect that but we got the flag.
There was only one challenge in the Buffer Overflow category
Cryptography:
*Bashing your neighbors(50 Points)
String: w0m7_s17_7s3n_s41iw
At first, we thought this is some kind of ROT cipher, tried brute-force on it but got nothing. If you look closely you can see bash word was repeatedly used. Did a google search and found that this might be atbash cipher. Tried online decrypting using atbash and it worked.
Flag: d0n7_h17_7h3m_h41rd
*Enjoy the Bacon(50 Points)
In this challenge we can see some binary in the groups of 5. We found that there is this bacon cipher that uses only A and B as values. We made a whole string out of it. We decrypted it and got the flag but the issue was that it was not accepting the flag in given format and we wasted all of 3 tries by putting it in different formats. This is the one thing I didn’t like about this CTF.
*Love Caesar(50 Points)
String: T0P_4M3_4_Q4G14I7_C4XF3M
This was really easy just a simple Caesar Cipher. Get the string and decode it with the online Caesar Cipher tool, test for all the possible solutions and you will get the flag. This was the first challenge that we completed.
This was having +21 shifts.
Flag: Y0U_4R3_4_V4L14N7_H4CK3R
*Manager for Password(50 Points)
There was a manager.kdbx file as attachment. We were not sure how to open it. A quick google search tells that’s it is a KeePass Database file. So the task was to find the Master password for the database file. We need to extract hash and crack that. We can do the same using John The Ripper. keepass2john is the tool that can be used for this.
Syntax: keeppass2john manager.kdbx > test.txt
This will extract hash and put it in test.txt, now will try to crack hash using default wordlist.
Syntax: john test.txt
This will invoke john and it will use default wordlist to get the password but as I was not running my Machine on high Memory my system took a while to find the Password and CTF was over when we got the flag.
Flag: dsci_ey{157865}
*Rotten eggs(50 Points)
String: Ohl_A3j_3ttf
So this was the simplest challenge and most solves were for this round only. This was a basic ROT13. Just head to any online decrypter tool and boom you will get the flag.
Flag: Buy_N3w_3ggs
*Scan to decode(50 Points)
This challenge was simple, don’t know why only a few teams were able to solve it. There was one attachment to download. It is a QR code once you scan it, you will get one base64 string, decrypt it and you will get the flag.
But we were not able to clear because of the format. I tried with capitals, failed Nipun tried with lower case again failed. Nipun was like be careful it’s last chance, I was confident that I can handle it. I put it in the format dsci_ey{flag}} and boom it’s not correct and with that, we exhausted all our tries. When I checked the flag I saw there was one extra closing curly bracket. I was like
Forensics
*Save your friend(50 Points)
This was the challenge that I loved and had fun solving.
So the description was simply that there is a GIF and some supporting story. I downloaded the GIF and tried looking for clues about what can be done. We thought that they have done something using stegonagraphy but no luck, checked a few things but there was nothing I could have done. So we left it for a while and started working on different challenges. When we had just 15 mins left, we were going through the challenges like we are different beings now.
There were multiple solutions for this GIF challenge and we thought that let’s try one more time. I again checked what I have done previously, again no luck. When I looked closer I saw there were some letters flashing, okh so I can try to reduce the speed of the GIF and try to read(a really stupid idea but no harm in trying). Tried decreasing speed no output, just random figures that look likes some alphabets
When I almost gave up I see one option of frames I just clicked on that so there were frames there around 18, I just tried to move few frames but in background, john was eating my resources (it was trying to brute-force .kdbx file challenge).
After lagging a while it moved a bit but made no sense I keep trying to make some sense out of the frames(Honestly I had no idea what I was doing).
After a while I found that they were some alphabets oh!! I start working quickly but john was not letting me use any resource but after few minutes of drag and drop I found that it was the word Saved. When submitted it CTF was over. Nonetheless, we both were happy about this challenge that we were able to solve it.
This is all in part 1, will write about next challenges in part 2. Drop your suggestions in comment section.
Twitter
Nipun: www.twitter.com/@nipunsomani