basic-file-exploit Description The program provided allows you to write to a file and read what you wrote from it. Try playing around with it and see if you can break it! Connect to the program with netcat: $ nc saturn.picoctf.net 49698 The program’s source code with the flag redacted can be downloaded here. Solving Netcat into the service via given
diffie-hellman Description Alice and Bob wanted to exchange information secretly. The two of them agreed to use the Diffie-Hellman key exchange algorithm, using p = 13 and g = 5. They both chose numbers secretly where Alice chose 7 and Bob chose 3. Then, Alice sent Bob some encoded text (with both letters and digits) using the generated key as
credstuff Description We found a leak of a blackmarket website’s login credentials. Can you find the password of the user cultiris and successfully decrypt it? Download the leak here. The first user in usernames.txt corresponds to the first password in passwords.txt. The second user corresponds to the second password, and so on. Solving We got a tar file – extract
basic-mod2 Description A new modular challenge! Download the message here. Take each number mod 41 and find the modular inverse for the result. Then map to the following character set: 1-26 are the alphabet, 27-36 are the decimal digits, and 37 is an underscore. Wrap your decrypted message in the picoCTF flag format (i.e. picoCTF{decrypted_message}) Solving This challenge is similar
basic-mod1 Description We found this weird message being passed around on the servers, we think we have a working decrpytion scheme. Download the message here. Take each number mod 37 and map it to the following character set: 0-25 is the alphabet (uppercase), 26-35 are the decimal digits, and 36 is an underscore. Wrap your decrypted message in the picoCTF
Noise Messi: ‚When the year starts, the objective is to win with all the team, personal records are secondary‘ Todos Given was this picture: In this stego challenges the first approach is to check the file type and look for some strings. $ ~ # file challenge.png challenge.png: PNG image data, 926 x 1262, 8-bit grayscale, non-interlaced That looks normal…
3in1 Description Like Nescafeeeee! Attachments https://ctf.k3rn3l4rmy.com/kernelctf-distribution-challs/nescafeee/AES.py Todos To decrypt the string in the given AES.py script (String is in scriptfile as a comment). from Crypto.Cipher import AES from Crypto.Hash import SHA256 f = open('progress.txt', 'r') password = ("abda") hash_obj = SHA256.new(password.encode('utf-8')) hkey = hash_obj.digest() def encrypt(info): msg = info BLOCK_SIZE = 16 PAD = "{" padding = lambda s: s
BSides-Jeddah-CTF Writeups to the BSides Jeddah CTF – 2021 Situation – BSides Jeddah BSides Jeddah is coming up with a blueteam flavored CTF this year hosted by CyberDefenders. This will be a Jeopardy-style intermediate CTF with a few harder challenges, including network analysis, memory forensics, and malicious document analysis. To get latest updates, follow us on twitter @JeddahBsides , @CyberDefenders.
BSides-Jeddah-CTF Writeup to the BSides Jeddah CTF – 2021 Situation – BSides Jeddah BSides Jeddah is coming up with a blueteam flavored CTF this year hosted by CyberDefenders. This will be a Jeopardy-style intermediate CTF with a few harder challenges, including network analysis, memory forensics and malicious document analysis. To get the latest updates, follow us on twitter @JeddahBsides ,
Useful payloads Here are some valuable payloads for both Linux & Windows command injection on a vulnerable web-application. Feel free! Linux Payload Description whoami See what user the application is running under. ls List the contents of the current directory. You may be able to find files such as configuration files, environment files (tokens and application keys), and many more