This isn't a Secure LineForensics ·
Our suspect is getting noided. We’ve managed to retrieve this from his computer. What can you find? Checking the file type with
file datareveals that it is yet another BTSnoop file.
Magic in the AirForensics ·
We are investigating an individual we believe is connected to a group smuggling drugs into the country and selling them on social media. You have been posted on a stake out in the apartment above theirs and with the help of space-age eavesdropping technology have managed to extract some data from their computer.
Our task is essentially the following: perform at most lim1 – 1 encryptions and send the decrypted challenge, so we need to uncover the secret in 128 – 1 == 127 queries.
I implemented this really cool Rubiks CBC encryption algorithm and tested it on a document with my flag in it, but my dog ate my hard drive so I couldn’t decrypt the file :(
Grab Your JishoCryptography ·
これは文字化けか？それとも暗号…？The first clue is the title. Jisho is the Japanese word for dictionary and all of these characters are, you guessed it, Japanese Kanji.
A Series of TubesOSINT ·
Use the personal information uncovered from PI 1 to find out where our suspect’s contact lives, his full name and the next flight he is taking.
PILReverse Engineering ·
We have a main and 2 functions. GetNextPiDigit’s purpose is obvious, although we originally had some confusion over whether the one-million-digits.txt started with 3.14, 314, or 14.
NamelessReverse Engineering ·
The given executable is statically linked and stripped which means reversing will be a bit tougher. However, “main” isn’t too complicated and so we’ll be able to guess what functions are used.
SignStealingSoftware-P2Web Exploitation ·
As a result of the LFI, we have the ability to view a file’s content, but we don’t have the ability to locate files that we seek in the system. We thought of 2 different possible approaches:
SpaceY DumpOpen-Source Intelligence ·
SpaceY Dump was a fairly high marks question in the Misc category for UMDCTF 2020. The goal is to try and unmask the anonymous Twitter user claiming responsibility for a hack and subsequent data leak.