Forensics
-
This isn't a Secure Line
Forensics ·Our suspect is getting noided. We’ve managed to retrieve this from his computer. What can you find? Checking the file type with file data reveals that it is yet another BTSnoop file.
-
Magic in the Air
Forensics ·We are investigating an individual we believe is connected to a group smuggling drugs into the country and selling them on social media. You have been posted on a stake out in the apartment above theirs and with the help of space-age eavesdropping technology have managed to extract some data from their computer.
Cryptography
-
CryptoGolf
Cryptography ·Our task is essentially the following: perform at most lim1 – 1 encryptions and send the decrypted challenge, so we need to uncover the secret in 128 – 1 == 127 queries.
-
RubiksCBC
Cryptography ·I implemented this really cool Rubiks CBC encryption algorithm and tested it on a document with my flag in it, but my dog ate my hard drive so I couldn’t decrypt the file :(
-
Grab Your Jisho
Cryptography ·Is this mojibake? Or is it a cipher…? The first clue is the title. Jisho is the Japanese word for dictionary and all of these characters are, you guessed it, Japanese Kanji.
OSINT
-
A Series of Tubes
OSINT ·Use the personal information uncovered from PI 1 to find out where our suspect’s contact lives, his full name and the next flight he is taking.
Reverse Engineering
-
PIL
Reverse Engineering ·We have a main and 2 functions. GetNextPiDigit’s purpose is obvious, although we originally had some confusion over whether the one-million-digits.txt started with 3.14, 314, or 14.
-
Nameless
Reverse Engineering ·The given executable is statically linked and stripped which means reversing will be a bit tougher. However, “main” isn’t too complicated and so we’ll be able to guess what functions are used.
Web Exploitation
-
SignStealingSoftware-P2
Web Exploitation ·As a result of the LFI, we have the ability to view a file’s content, but we don’t have the ability to locate files that we seek in the system. We thought of 2 different possible approaches:
Open-Source Intelligence
-
SpaceY Dump
Open-Source Intelligence ·SpaceY Dump was a fairly high marks question in the Misc category for UMDCTF 2020. The goal is to try and unmask the anonymous Twitter user claiming responsibility for a hack and subsequent data leak.