Lost my Head Oh no! Help! I’ve lost my head! Can you tell me the street name of the trash bin I lost it in? Maybe I can still find it… Flag format: TFCCTF{street_name_and_street_number_as_seen_on_google_maps_separated_by_underscores} Challenge authors: hofill, tomadimitrie Solving Like always we should first check strings, file and so on. Please see the logfiles. In the exif we can find
DISCORD SHENANIGANS We considered giving you a free flag. However, we decided against it. In general, we would never do that! Or would we? That’s the beginning of a good CTF! Discord is the new Twitter. To be able to solve this challenge, you’ll need to join our discord. Link in the Rules page. Todos The flag is hidden in
Deep Bielsa: ‚A man with new ideas is a madman, until his ideas triumph‘ Given is this foto: Todos Okay guys – this one is an easy one, but I did not solved that by my own! My personal rabbitholes Disclaimer: I couldn’t solve the challenge and had to bang my head on the edge of the table for hours
Noise Messi: ‚When the year starts, the objective is to win with all the team, personal records are secondary‘ Todos Given was this picture: In this stego challenges the first approach is to check the file type and look for some strings. $ ~ # file challenge.png challenge.png: PNG image data, 926 x 1262, 8-bit grayscale, non-interlaced That looks normal…
Friends Bielsa: ‚Everything is allowed, except stop fighting‘ Given was this image: Todos Like always – I check strings and exiftools and the file itself! But no command give us something. $ ~ # file messi.jpg messi.jpg: JPEG image data, JFIF standard 1.01, aspect ratio, density 1×1, segment length 16, baseline, precision 8, 720×628, components 3 exiftool messi.jpg > messi.jpg_exifdata
3in1 Description Like Nescafeeeee! Attachments https://ctf.k3rn3l4rmy.com/kernelctf-distribution-challs/nescafeee/AES.py Todos To decrypt the string in the given AES.py script (String is in scriptfile as a comment). from Crypto.Cipher import AES from Crypto.Hash import SHA256 f = open('progress.txt', 'r') password = ("abda") hash_obj = SHA256.new(password.encode('utf-8')) hkey = hash_obj.digest() def encrypt(info): msg = info BLOCK_SIZE = 16 PAD = "{" padding = lambda s: s
Syncopated Beat Points 300 Description We know there’s a hidden message somewhere here, but none of our steg tools are able to reveal it. Maybe we need to think outside the box? It is a well-known fact that demons sometimes hide messages in music. Demons speak lyrics to the musicians, and the demons insinuate their evil messages into the song.
Spectres Points 450 Description We intercepted this image from a suspected insider threat at De Monne Financial. It looks like parts of the image were cut out, but based on conversations between DEADFACE and the insider, we believe DEADFACE’s wallet address is hidden in this image. Image Getting the flag Take the picture to https://aperisolve.fr/ -> Just read the flag