TigerKing CTF Writeup

So Recently we participated in TigerKing CTF organised derpcon 2020

Here are the solution of few questions we solved

Crypto:-

Do you feel me?

⠙⠑⠗⠏{⠊⠓⠁⠧⠑⠕⠗⠊⠛⠊⠝⠎⠊⠝⠞⠓⠑⠋⠗⠑⠝⠉⠓⠁⠗⠍⠽⠂⠦⠂⠔}  

so the challenge is braille code
using https://www.dcode.fr/braille-alphabet 

​[viʒnɛːʁ]

vcuc{wcusurgmvcznvpamu}

A vigenere cipher with key 

All about that base

ZGVycHtJc1RoaXNFbmNyeXB0aW9ufQ==
Its base64

derp{IsThisEncryption}

All about that base remix

MRSXE4D3KRUGS42JONCGKZSFNZRXE6LQORUW63RBPU======
Base32

et tu brute

qrec{NaByqvrOhgNTbbqvr}

The challenge is alphabetic decryption
The key is n

derp{AnOldieButAGoodie}  



AFSC 29331

-.. . .-. .--./-.. .. - - -.--/-... --- .--. .--. . .-. ...

This challenge looks like morse code 

Don't touch the third rail

d{zir}epZgaCpeFWrighT

The cipher is rail fence cipher with index 3 


Mind the Padding

You'll need a pad for this one. It is the Mission Statement of one of our gold sponsors.
evzc{cej.ymzompsow-ab.kbu}

 
Its One time pad cipher 

with key as one of gold sponser 


Tom Nook - Internet traffic - Part I


 The chall contains a pcap file 


so on following the tcp stream we got the flag



DERP{WayToCatchMyForeignServer}
 



FIXED: Tom Nook - Internet traffic - Part II

Tom Nooks is a technologist and has been working on his operational security. Could you tell me what he was trying to hide?

This is zip cracking challenge rather then a Internet traffic
crack the zip file with john using rockyou.txt

The pdf contains the flag
DERP{TomNookDrivesTheBoat}

WEB

Something Derpy

This challenge is hosted by one of our amazing sponsors. Go to https://www.randori.com

Lets check out this site

So we see the .png file 


Download the file

After analysis the file contains a base64 string
ZGVycHtEb250UGV0VGhlVGlnZXJzfQ==

On decoding it we got our flag
derp{DontPetTheTigers}





Solution for SSH problems are given in:-

youtube




Comments

Popular posts from this blog

Exploiting GhostCat(CVE-2020–1938)