Saturday, June 8, 2019

[Writeup] HSCTF 2019

By  at June 08, 2019  , , , , , , ,  No comments

FORENSICS

Chicken Crossing


Use strings and grep command in linux I have a flag.
Flag: hsctf{2_get_2_the_other_side}

Cool Image

The author give us a file with extension is .pdf, but I can open it, check back the header I realize it is the .png file so I just change the extension and get flag.


Cool Image 2

This time I can't open the PNG file. Like cool image 1 I open it in HXD and I see the auther add some stuffs at the header and make operation can't realize the png file. Just delete all of it I have true image:

Slap


Once again, I use strings and grep command in linux and take flag
Flag: hsctf{twoslapsnonetforce}


Logo sucks bad


When I use Stegsolve on the image, I see at top of image have been changed, so I believe the Image changed by LSB. I used zsteg and have flag.
Flag: hsctf{th4_l3est_s3gnific3nt_bbbbbbbbbbbbb}



fish


I really sure this image encrypted by Steghide and what we need to do is find the right key, after try a lot of cases, the "bobross63" is the key that we need.
Flag: hsctf{fishy_fishy_fishy_fishy_fishy_fishy_fishy123123123123}

Double trouble

Once again zsteg help me figure out the link of something and the password key: "whatdowehavehere", after download the file from mediafire, I realize it pgp file encrypted. Decrypt with the key found before I have flag.
Flag: hsctf{koalasarethecutestaren'tthey?}

Misc

Verbose

The author give us a jsfuck code in text file, after execute it the browser always direct to the homepage of the competition, so I decrypt it by http://codertab.com/jsunfuck
Flag: hsctf{esoteric_javascript_is_very_verbose}


Locked

After brute force with a lot of dictionary, I still not find the flag, in the moment I think I should try strings and grep because it is zip version 1, and hell yeah the flag is mine.
Flag: hsctf{w0w_z1ps_ar3nt_th@t_secUr3}

A Simple Conversation

In the source code file, we only can input by input function in python 2, and this it no secure, for more information you can watch this video. I send "open("flag.txt","r").read()" to make the code execute and get the flag.
Flag: hsctf{plz_u5e_pyth0n_3}

Real reaversal

Read the description carefully, I think the file was reversed and I need to reverse back to read it. After reverse, it's a text file contain words in Unicode table, looking carefully I saw the flag.
Flag: hsctf{utf8_for_the_win}

Hidden Flag

We have a file that encrypted, but we know the extension of the file is .png. I tried to xor the header of PNG: 89 50 4E 47 0D 0A 1A 0A and the header of the file is: E0 3E 38 2E 7E 63 78 66. Then I got the key is invisible, so keep doing I have a real image.

Broken REPL

Read the source code, I know I need to do something to make program throw memory exception and take the flag. After googling, I found this awesome python bug, send the payload I got flag.
Flag:hsctf{dont_you_love_parsers}

REVERSAL


A byte

Open binary in IDA, easily we can see what the program will do. It take our input and xor it with 0x01 than compare with the length equal 35 or not and compare with the result after xor, so we just need to xor the result with 0x01 to have real flag.
Flag: hsctf{w0w_y0u_kn0w_d4_wA3_8h2bA029}

License

When I solve this challenge, it's mid night and I really tired, I can't reverse all the source code of this challenge, but I realize that one word in keyboard we map with one word of license, so I just try to find all of it and make the right input, but I got some wrong submit just because right license but wrong flag.
Flag: hsctf{k3ith_m4k3s_tr4sh_r3}

0 comments:

Post a Comment