dns-joke Points: 100 Description A system administrator hasn’t smiled in days. Legend has it, there is a DNS joke hidden somewhere in www.jerseyctf.com. Can you help us find it to make our system administrator laugh? Solving To get the flag, check the dns entries of the www.jerseyctf.com subdomain. jerseyctf.com TXT @192.168.178.1 +short "jctf{DNS_J0k3s_t@k3_24_hrs}" This script will help you get the
stolen-data Points: 150 Someone accessed the server and stole the flag. Use the network packet capture to find it. Solving Okay – let’s load the pcap file into wireshark and have a further look. First I tried to download all interessting files… html and so on, but this was a dead end. After that I looked in the statistics and
speedy-at-midi Points: 150 Your partner-in-crime gets a hold of a MIDI file, riff.mid, which intelligence officials claim to contain confidential information. He has tried opening it in VLC Media Player, but it sounds just like the piano riff in riff.mp3. Can you find the right tool to extract the hidden data? Solving Downloaded the files Looked at it wit sonic
scavenger-hunt Points: 350 My friend told me he hid a flag for me on this server! Server: 0.cloud.chals.io SSH port: 24052 Username: jersey Password: securepassword ssh jersey@0.cloud.chals.io -P 24052 Solving Grepping through the remote filesystem did the trick 🙂 grep -ir "jctf{" /
recent-memory Points: 250 Use the memory image in the Google drive link below. An attacker left behind some evidence in the network connections. Follow the attacker’s tracks to find the flag. https://drive.google.com/drive/folders/1ubSx3pwHOSZ9oCShHBPToVdHjTev7hXL Solving Okay let’s analyze the memory file, I will use volitality3 for this. With this command we can get all net sessions stored in the memory. python vol.py
data-backup Points: 250 The backup of our data was somehow corrupted. Recover the data and be rewarded with a flag. Solving My first attempt is to restore the file from the backup with foremost or binwalk -e. So I tried it with binwalk and got some files. Also a PDF file, that contains the flag. jctf{fun_w17h_m461c_by735}
corrupted-file Points: 400 Can you find a way to fix our corrupted .jpg file? Solving First we check the corrupted file with file: $~: file flag_mod.jpg flag_mod.jpg: data Okay, then let’s look with hexedit or something similar, to look for further hints. Okay – I see the JFIF tag in there, but why could we open the image? I checked