Dreaming of You TYPE: TRAFFIC ANALYSIS PCAP Challenge Someone doesn´t understand networking traffic. Now I know their deepest crush. Can you find the flag from the PCAP file? Submit the flag as flag{text}. Download File SHA1: 1c99dee5307143e7dad0f0a19e58ad431eb5b8ce Solution Downloaded the provided file and opened it with wireshark. Just searched for flag and here it is: EASY 5 points: flag{longing_for_nancy}
GOING OLD SCHOOL TYPE: CRYPTOGRAPHY Challenge Unable to use their RSA encryption program, luciafer resorts to using old school techniques to send a message out to the team. Can you decipher the code and find the flag? Submit the flag as flag{flag text} Download Image SHA1: 1afcf5cc3a64f3924f27425ed344fbe4545c5554 env.deadface.io Solution The link provided was the following image. At first sight we
Pandora´s Box TYPE: CRYPTOGRAPHY Challenge Pandora´s box, we have found it! Even better, the last travelers knew the numbered code to get in but they couldn’t figure out the transcription. Figure out the the transcription’s translation to find the flag! Download Image SHA1: 8e613787658d2d5828448aa182e2bb4904c124a8 Submit the flag as: flag{word_word_word_word} Solution Given was the follwing image So it looks like that
Passing on Complexity TYPE: TRAFFIC ANALYSIS PCAP Challenge ESU’s IT staff swears up and down that the backup user’s password is secure and follows best practice. Their internal auditors are not convinced and are asking for your help to determine the backup user’s password at the time of the breach. Submit the flag as flag{password}. Use the packet capture from
Gone But Not Forgotten TYPE: OSINT Challenge It looks like DEADFACE members shared their public keys last month. All of them sent their keys over Signal or email except for spookyboi. He mentioned uploading his key to portal.deadface.io, but none of our analysts can get to the site. Submit the MD5 hash of the public key file as the flag.
Under Public Scrutiny TYPE: OSINT Challenge DEADFACE mentioned on Ghost Town that they have a public GitHub repository. See if you can find a flag hidden that belongs to DEADFACE. Submit the flag as: flag{flag-text}. Solution I´ve started looking at the Ghost Town forum and searched for github. Only two threads – this is first one: So since I now
K3RN3L CTF 202 Zabomb You received a suspicious file from the k3rn3l4rmy hacking group, the title says, ‘Not a Zip Bomb, Please Open’, you decide NOT to open it and instead try to reverse it. It is recommended that you do NOT open this, it will fill your entire disk. Solving the challenge Luckily unzip was not able to do
DamCTF 2021 rev/seed m0x Having a non-weak seed when generating "random" numbers is super important! Can you figure out what is wrong with this PRNG implementation? seed.py is the Python script used to generate the flag for this challenge. log.txt is the output from the script when the flag was generated. What is the flag? Downloads log.txt seed.py Given was
DamCTF 2021 malware/sneaky-script (forensics/rev) captainGeech We recovered a malicious script from a victim environment. Can you figure out what it did and if any sensitive information was exfiltrated? We were able to export some PCAP data from their environment as well. Downloads files.zip Given was a pcap file and a bash script. -rwxr-xr-x 1 root root 516 5. Nov 05:35
DamCTF 2021 misc/bad-patterns BaboonWithTheGoon A hacker was too lazy to do proper encryption. However, they left us some examples of how their encryption "algo" was supposed to work. original text : "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris