26
Feb
2012

CODEGATE 2012 – Network 100

Challenge Description

Someone have leaked very important documents. We couldn’t find any proof without one PCAP file. But this file was damaged.

¡Ø The password of disclosure document is very weakness and based on Time, can be found easily.
Cryptographic algorithm is below.

Msg = ¡°ThisIsNotARealEncryption!SeemToEncoding¡±
Key = 0x20120224 (if date format is 2012/02/24 00:01:01)
Cryto = C(M) = Msg * Key = 0xa92fd3a82cb4eb2ad323d795322c34f2d809f78

{Read More}

26
Feb
2012

CODEGATE 2012 – Misc-4

The file contains a zipped version of a saved website. Browsing through the files we noticed some suspicious looking javascript:
{Read More}

26
Feb
2012

CODEGATE 2012 – Forensics 200

Challenge Description

When IU who lives in Seoul tried to do SQL Injection attack a certain WEB site, suddenly the browser was closed abnormally. What is the SQL Injection value she tried to enter and when the browser was closed? The time is based on Korea Standard Time(UTC +09:00)
{Read More}

26
Feb
2012

CODEGATE 2012 – Misc-3

This challenge contains of a PCAP file with the following assignment:

You spied to find “Secret of Joseon which is previous dynasty of Korea”.
You got all main pages information to manage unrevealed secret of Joseon through network sniffing.
Open the file contained the secret of Joseon.
{Read More}

26
Feb
2012

CODEGATE 2012 – Forensics 100

Challenge Description

In order to steal financial information of Company X, IU got a job under cover. She decided to attack CFO’s computer, and then insert malicious code to his computer in the way of social engineering. She figured out that he didn’t use to turn off his computer, when he gets off work. After he leaves the office, she obtains financial data from his computer to search EXCEL file. By checking installed application program, she can find the information in the file. She lacks the file externally. In order to remove all traces, she erases malicious code, event logs and recent file list.
{Read More}

26
Feb
2012

CODEGATE 2012 – Misc-5

Challenge Description:

감사합니다./ありがとうございます./Dank u./Tak.Danke./Gratias./Спасибо./Terima kasih.
Mulţumesc./Cảm ơn bạn./Дзякуй./Благодаря./Tack./Gracias./شكرا لك./Go raibh maith agat.
Dankie./Grazie./Terima kasih./謝謝./ขอบคุณ./Obrigado./Dziękuję./Merci./Kiitos./Köszönöm./शुक्रिया.
Thank you very much for spending time with us.
The final problem enjoy with you. It may not look hard.
Let’s view the problem from another angle.
Decrypt it.

{Read More}

26
Feb
2012

CODEGATE 2012 – Misc-2

Challenge Description

Alice wants to send a message to Bob in secure way. Alice encrypted a plaintext PA = ¡°IMISSYOU¡± = 0x494D495353594F55 by using DES and obtained ciphertext CA = 0xFA26ED1833264435.
Alice sent the ciphertext CA and the secret key to Bob. The secret key was encrypted by converting each of its letters to a pair of digits giving its position in the typewriter keyboard.

{Read More}

26
Feb
2012

CODEGATE 2012 – Vuln 100

What is Administrator listening to the music?
Service: http://1.237.174.123:3333/

This web based challenge was an online music player service that allowed us to upload music, and listen the to the tracks we uploaded using a fancy web based audio player.
The service stated that you could only play tracks that are uploaded from your own IP.
That made us curious.. how would that check be implemented and are we able to bypass it?

{Read More}

26
Feb
2012

CODEGATE 2012 – Forensics 500

Challenge Description

This file is Forensic file format which is generally used.
Check the information of imaged DISK, find the GUIDs of every partition.

Answer: strupr((part1_GUID) XOR (part2_GUID) XOR …)

Download : B704361ACF90390C17F6103DF4811E2D

The file seems to be a Expert Witness File (EWF) which is a container file for forensic images. The file header shows the string EVF.

The file seems to be 1 MB of a full forensic image, because of all the missing information this file can not be processed by the standard forensic tools such as Encase and FTK. Also parsing the file with libewf did not seem to work.
The EWF file seems to contain multiple pieces of zlib compressed data, all these streams start with 48 0D.

{Read More}

26
Jan
2012

MozillaCTF 2012 – Swimsuit up! (50)

Challange 22: – Swimsuit up!

The challenge 22 description was as follows:

For this challenge you will have to dress up in a sea related fashion. We do not necessarily require that your whole team dresses up, but the more the merrier. There are no further suggestions, no boundaries, no limits! Just try to fit into our oceanic theme. Upload your picture on twitter and send a message that contains #SwimSuitUp and @MozillaCTF to earn 50 points. The deadline to send pictures is therefore one hour before the ending of our competition.
Update:
Remember to put some proof in your pictures. A sign that contains your team name, the scoreboard on a screen in the background etc.

{Read More}