EZ-CTF2022 / OSINT – Hue is this?

Ulli Weichert/ Mai 9, 2022/ IT-Security, Write-Ups/ 0Kommentare

Hue is This? 170 points Solves: 82 Medium I think you need to do a -180 turn to find her name and the song. Flag Format: EZ-CTF{Her_Name_And_The_7th_Song_In_The_Album} Solving Okay a good old osint challenge. I uploaded the image on yandex.com and was able to find the correct image. It is an album cover for the goa album Rock Bitch Mafia

Weiterlesen

EZ-CTF2022 / OSINT – American

Ulli Weichert/ Mai 9, 2022/ IT-Security, Write-Ups/ 0Kommentare

American 150 points Solves: 129 Easy Find the Gallery, find Mr. Gud, find the cow. Flag format: EZ-CTF{Mr_Gud_Full_Name_Cow_Painting_Name} Solving The given image is from James Ayers and is called The Rebellious One. But this is not what we are looking for, because we look for the name of Mr. Gud and a cow painting. So if you look further into

Weiterlesen

EZ-CTF2022 / MISC – Wavie Wave

Ulli Weichert/ Mai 7, 2022/ IT-Security, Write-Ups/ 0Kommentare

Wavie Wave solved 200 points Solves: 146 Medium What the hell is this sound that got into my "Chill Bird Vibes Vol XXI" mixtape? https://a.tmp.ninja/oLAHFlds.zip Flag format: EZ-CTF{FULL_MESSAGE} Solving Let’s have a look at the spectogram of this wave file. Maybe there is something hidden 🙂 EZ-CTF{KNOW_YOUR_SPECTOGRAAAAMS}

EZ-CTF2022 / Cryptography – No Kidding

Ulli Weichert/ Mai 7, 2022/ IT-Security, Write-Ups/ 0Kommentare

No Kidding 70 points Solves: 209 Easy No Other Kids Invent Anything like this…lol Flag Format EZ-CTF{WHATEVER_THE_MESSAGE_IS_ALL_CAPS} Solving This looks like Multi-tap or something similar… let’s just use the numbers and see what happens. I’ll use dcode.fr for this. 8/44/444/7777\\\444/7777\\\8/44/33\\\555/2/6/33/7777/8\\\222/8/333\\\333/555/2/4\\\33/888/33/33/33/33/777 T H I S\\I S\\T H E\\L A M E S T\\C T F\\F L A G\\E V E E

Weiterlesen

EZ-CTF2022 / Cryptography – McFly

Ulli Weichert/ Mai 7, 2022/ IT-Security, Write-Ups/ 0Kommentare

McFly 125 points Solves: 14 Easy Riib_fc_I1deo_B1ff3n_Bpz_Yoo_Mdsxfkt_XoPxhatt Flag format: EZ-CTF{D3c0d3d_Message} Solving This is a fun one 🙂 The hint for the challenge is this given picture Okay what do we see here? This is Biff, the oponent of Marty McFly from the back to the future movies… a classic 😀 But something seems off in this picture… in the movie

Weiterlesen

NahamCon CTF 2022 / Wizard

Ulli Weichert/ Mai 3, 2022/ IT-Security, Write-Ups/ 0Kommentare

Wizard You have stumbled upon a wizard on your path to the flag. You must answer his questions! PS (not challenge related), thank you so much to Hadrian for supporting NahamCon 2022! Press the Start button on the top-right to begin this challenge. Solving To solve this challenge, you need to connect to your own instance via netcat. Then you

Weiterlesen

NahamCon CTF 2022 / EXtravagant

Ulli Weichert/ Mai 3, 2022/ IT-Security, Write-Ups/ 0Kommentare

EXtravagant I’ve been working on a XML parsing service. It’s not finished but there should be enough for you to try out. The flag is in /var/www Press the Start button on the top-right to begin this challenge. Solving To solve this one, we need to upload our own malformed XML document (XML external entity (XXE) injection). Create a XML

Weiterlesen

JerseyCTF 2022 / web – apache-logs

Ulli Weichert/ April 10, 2022/ IT-Security, Write-Ups/ 0Kommentare

apache-logs Points: 100 An apache log file that contains recent traffic was pulled from a web server. There is suspicion that an external host was able to access a sensitive file accidentally placed in one of the company website’s directories. Someone’s getting fired… Identify the source IP address that was able to access the file by using the flag format:

Weiterlesen