stolen-data Points: 150 Someone accessed the server and stole the flag. Use the network packet capture to find it. Solving Okay – let’s load the pcap file into wireshark and have a further look. First I tried to download all interessting files… html and so on, but this was a dead end. After that I looked in the statistics and
speedy-at-midi Points: 150 Your partner-in-crime gets a hold of a MIDI file, riff.mid, which intelligence officials claim to contain confidential information. He has tried opening it in VLC Media Player, but it sounds just like the piano riff in riff.mp3. Can you find the right tool to extract the hidden data? Solving Downloaded the files Looked at it wit sonic
scavenger-hunt Points: 350 My friend told me he hid a flag for me on this server! Server: 0.cloud.chals.io SSH port: 24052 Username: jersey Password: securepassword ssh jersey@0.cloud.chals.io -P 24052 Solving Grepping through the remote filesystem did the trick 🙂 grep -ir "jctf{" /
recent-memory Points: 250 Use the memory image in the Google drive link below. An attacker left behind some evidence in the network connections. Follow the attacker’s tracks to find the flag. https://drive.google.com/drive/folders/1ubSx3pwHOSZ9oCShHBPToVdHjTev7hXL Solving Okay let’s analyze the memory file, I will use volitality3 for this. With this command we can get all net sessions stored in the memory. python vol.py
data-backup Points: 250 The backup of our data was somehow corrupted. Recover the data and be rewarded with a flag. Solving My first attempt is to restore the file from the backup with foremost or binwalk -e. So I tried it with binwalk and got some files. Also a PDF file, that contains the flag. jctf{fun_w17h_m461c_by735}
corrupted-file Points: 400 Can you find a way to fix our corrupted .jpg file? Solving First we check the corrupted file with file: $~: file flag_mod.jpg flag_mod.jpg: data Okay, then let’s look with hexedit or something similar, to look for further hints. Okay – I see the JFIF tag in there, but why could we open the image? I checked
would-you-wordle Points: 250 Someone left this secret text string and unfinished Wordle. Can you put them together to get the flag? pUpPHg3KfB15MG2KGtQQMDEECPOF8oa3VA== Solving Okay lets have a look at it. The hint tells us something about "Ron’s code". This should be RC4 according to this: RC4 (for ‚Ron’s Code 4‘) is a stream cipher developed by Ronald L. Rivest in
new-algorithm Points: 75 On the first day of the job, a new cryptography intern is insisting to upper management that he developed a new encryption algorithm for the company to use for sensitive emails and should get a raise. This seems too good to be true… are you able to prove the intern wrong by decrypting it? Here’s an example
SQLiLite Description Can you login to this website? Try to login here. Solving Connecting to the website will give us a login form. Assuming for a sql injection (title of the task) we try to login via ' or 1=1– for username and password. This works… the flag should be in plainsight… okay then the sourcecode or selecting everything again…
SQL Direct Description Connect to this PostgreSQL server and find the flag! The connectionsettings could be different on your side. psql -h saturn.picoctf.net -p 59911 -U postgres pico Password is ‚postgres‘ Solving With the given connectionstring we can log into the postgres database There we just need to ‚SELECT‘ what we want. With ‚\l‘ you can list the databases and