13
Oct
2013

ebCTF: CRY100 “Classic”

We found some crypto ciphers on our attic. Can you decipher all text and put together the flag?

This challenge was meant to be a simple task, but which required a lot of work. It gave you six encrypted messages which you need to decrypt to get parts of the key .
{Read More}

02
May
2012

Plaid CTF 2012 – RoboDate

So apparently robots, despite their lack of hormones, still have an underlying desire to mate. We stumbled upon a robot dating site, RoboDate. Hack it for us!
We found the source code for this robot encryption service, except the key was redacted from it. The service is currently running at 23.21.15.166:4433
Title: RoboDate (100)
Category: Password Guessing

The challenge is to get admin rights on a robo-dating website.
{Read More}

02
May
2012

Plaid CTF 2012 – Encryption Service

We found the source code for this robot encryption service, except the key was redacted from it. The service is currently running at 23.21.15.166:4433
Title: Encryption Service (300)
Category: Password Guessing

The service basically implements an encryption Oracle, it reads data from the socket and returns the AES-CBC encrypted version of this data, concatenated with a secret string. The challenge is to find this secret string.
{Read More}

01
May
2012

Plaid CTF 2012 – Nuclear Launch Detected

Our spies intercepted communications and a file between 5 of the top 10 robo-generals and their nuclear bomb server. We must recover the final launch code from the 5 robo-general’s secret codes, so we can stop the detonation!
Title: Nuclear Launch Detected (150)
Category: Password Guessing

For this challenge we had to find a a cryptographic secret from a number of shares.
{Read More}

30
Apr
2012

Plaid CTF 2012 – Size Doesn’t Matter

We found a pair of robot command execution services running at 23.20.239.9 ports 8888 and 8889. Can you break into it?
{Read More}

29
Feb
2012

CODEGATE 2012 – Binary 200

This challenge requires us to retrieve a plaintext string which would be eventually printed by the provided DLL. Our routine identification attempt tells us that the DLL has been packed using PEtite v2.1.

{Read More}

28
Feb
2012

CODEGATE 2012 – Binary 100

We’re given a zipfile containing a Windows executable. An identification attempt (using CFF explorer) quickly reveals that it was packed using a simple executable compressor:

Signature: CExe v1.0a
Matches: 43

{Read More}

26
Feb
2012

CODEGATE 2012 – Misc-2

Challenge Description

Alice wants to send a message to Bob in secure way. Alice encrypted a plaintext PA = ¡°IMISSYOU¡± = 0x494D495353594F55 by using DES and obtained ciphertext CA = 0xFA26ED1833264435.
Alice sent the ciphertext CA and the secret key to Bob. The secret key was encrypted by converting each of its letters to a pair of digits giving its position in the typewriter keyboard.

{Read More}

26
Feb
2012

CODEGATE 2012 – Network 500

This is part of C&C traffics without any certification.
It has been advanced using auth process.
Find the C&C server address and make a bot command to meet a condition below.

Answer: auth_key|next_attack_time|next_attack_target

We get a PCAP file with a bunch of UDP traffic. There’s also a HTTP GET for a picture showing some disassembly. We OCR’d the image, corrected some OCR mistakes and turned it into a binary. The binary is basically iterating over the string “1.2.3.4:4444″ and obfuscating it in a certain way.

{Read More}

26
Jan
2012

MozillaCTF 2012 – Awesome Corp. Secured Ranges

This challenge entails reversing two (packed) Windows executables in order to retrieve an encrypted message. Once the algorithm and key generation method have been determined, a bruteforce search within a limited keyspace yields the valid key.

{Read More}