diffie-hellman Description Alice and Bob wanted to exchange information secretly. The two of them agreed to use the Diffie-Hellman key exchange algorithm, using p = 13 and g = 5. They both chose numbers secretly where Alice chose 7 and Bob chose 3. Then, Alice sent Bob some encoded text (with both letters and digits) using the generated key as
credstuff Description We found a leak of a blackmarket website’s login credentials. Can you find the password of the user cultiris and successfully decrypt it? Download the leak here. The first user in usernames.txt corresponds to the first password in passwords.txt. The second user corresponds to the second password, and so on. Solving We got a tar file – extract
Noise Messi: ‚When the year starts, the objective is to win with all the team, personal records are secondary‘ Todos Given was this picture: In this stego challenges the first approach is to check the file type and look for some strings. $ ~ # file challenge.png challenge.png: PNG image data, 926 x 1262, 8-bit grayscale, non-interlaced That looks normal…
BSides-Jeddah-CTF Writeup to the BSides Jeddah CTF – 2021 Situation – BSides Jeddah BSides Jeddah is coming up with a blueteam flavored CTF this year hosted by CyberDefenders. This will be a Jeopardy-style intermediate CTF with a few harder challenges, including network analysis, memory forensics and malicious document analysis. To get the latest updates, follow us on twitter @JeddahBsides ,
Password Insecurities Points 50 Description It looks like DEADFACE is going after the password of one of De Monne’s customers: Haily Poutress. She has since changed her password, but De Monne is looking for ways to improve password requirements. De Monne would like you to crack the password from the database leak to determine if Haily’s password was secure enough.
City Lights Points 40 Description De Monne wants to know how many branch offices were included in the database leak. This can be found by figuring out how many unique cities the employees live in. Submit the flag as flag{#}. Use the MySQL database dump from Body Count. Get the flag To get this flag use this statement: select count(distinct(city))
Keys Points 20 Description One of De Monne’s database engineers is having issues rebuilding the production database. He wants to know the name of one of the foreign keys on the loans database table. Submit one foreign key name as the flag: flag{foreign-key-name} (can be ANY foreign key). Use the MySQL database dump from Body Count. Getting the flag Just
Body Count Points 10 Task Description One of our employees, Jimmie Castora, kept database backups on his computer. DEADFACE compromised his computer and leaked a portion of the database. Can you figure out how many customers are in the database? We want to get ahead of this and inform our customers of the breach. Submit the flag as flag{#}. For
Umgang mit Passwörtern im Allgemeinen Passwörter, ein notwendiges Übel und häufig der einzige Schutz vor dem Zugriff auf die eigene Identität (facebook) oder andere Services. Nun kommt es aber vor, dass wir Administratoren mal Passwörter und Benutzernamen austauschen müssen. Häufig auch für mehrere Benutzer. Weiter muss man sich dann noch die Frage stellen, wie man die Passwörter und Benutzernamen sicher