EasyCTF IV 2018

Discord - Misc [1 pt]

Join the Discord chat! Maybe if you use it enough, you'll find the flag.

Hint: The link to joining the Discord is on our Updates page ;) Make sure you read the info channel.

Solution: Join the discord server and the flag is in the channel description

Flag: easyctf{Is_this_really_a_D1sc0rd_fl4g!}

Intro: Hello, world! - Misc [1 pt]

Using your favorite language of choice, print Hello, world! to the output.

• For Python, consider the print function.

• For Java, consider System.out.println.

• For CXX, consider including stdio.h and using the printf function.

Hint: If you're not sure how to do this, try searching Google for how to make "Hello world!" programs in your language of choice.

I decided to use Java

public class Main {
    public static void main(String args[]) {
        System.out.println("Hello, world!");
    }
}

Flag: None

Intro: Linux - Intro [10 pt]

Log into the shell server! You can do this in your browser by clicking on the Shell server link in the dropdown in the top right corner, or using an SSH client by following the directions on that page. Once you've logged in, you'll be in your home directory. We've hidden something there! Try to find it. :)

Connecting to the shell server [username: user46667]

ssh user46667@s.easyctf.com

Then execute command to list all the files [if you do 'ls' by itself it will not work]

user46667@shell:~$ ls -lA
total 1
-rw-r--r-- 1 user666 ctfuser    41 Feb   7  21:16 .flag

Now we know there is a file so we just have to read it

user46667@shell:~$ cat .flag
easyctf{i_know_how_2_find_hidden_files!}

Flag: easyctf{i_know_how_2_find_hidden_files!}

Intro: Web - Intro [10 pts]

The web goes well beyond the surface of the browser! Warm up your web-sleuthing skills with this challenge by finding the hidden flag on this page!

Hint: Not sure where to look? Try looking up 'source code', specifically related to web pages.

If you look at the source code you can find the flag

Flag: easyctf{hidden_from_the_masses_11a8b2}

Intro: Netcat - Intro [20 pts]

I've got a little flag for you! Connect to c1.easyctf.com:12481 to get it, but you can't use your browser! (Don't know how to connect? Look up TCP clients like Netcat. Hint: the Shell server has Netcat installed already!) Here's your player key: 3770529. Several challenges might ask you for one, so you can get a unique flag!

Going through the prompt this is what terminal should look like

nc c1.easyctf.com 12481
enter your player key: 3770529
thanks! here's your key: easyctf{hello_there!_C06DFE0d60723Bec}

Flag: easyctf{hello_there!_C06DFE0d60723Bec}

Intro: Hashing - Misc [20 pts]

Cryptographic hashes are pretty cool! Take the SHA-512 hash of this file, and submit it as your flag.

Hint: Try searching the web to find out what SHA-512 is.

1KB

Hashing.png

image

You can use an online tool or the commandsha512sum hashing.png in Linux which results in ce53d733c0d7738c7a390c21ef65e8b4746795d6d6c2b8269c810bc53784bfebfeaefbc6b66e95b84b5d2eed9ae72169b960ba5ee50846233935dc903476a20f

Flag: easyctf{ce53d733c0d7738c7a390c21ef65e8b4746795d6d6c2b8269c810bc53784bfebfeaefbc6b66e95b84b5d2eed9ae72169b960ba5ee50846233935dc903476a20f}

The Oldest Trick in the Book - Intro [10 pts]

This is literally one of oldest tricks in the book. To be precise, from the year AD 56. Crack me. lhzfjam{d3sj0t3_70_345fj7m_799h21}

Hint: Et tu, Brute?

I know that lhzfjam{...} == easyctf{...} and through ascii math. L = 76, E = 69 (nice), 76 - 69 = 7. I tried rot7 and got easyctf{w3lc0m3_70_345yc7f_799a21}

Flag: easyctf{w3lc0m3_70_345yc7f_799a21}

Soupreme Encoder - Crypto [20 pts]

Decode this 8657869745f6d6174655f3432386533653538623765623463636232633436

Hint: It's encoded!

If it looks like hex code, taste like hex code, and sounds like hex code. It is most likely hex code. So decoding it from hex to ASCII the text is hexit_mate_428e3e58b7eb4ccb2c46

Flag: easyctf{hexit_mate_428e3e58b7eb4ccb2c46}

Haystack - Forensics [30 pts]

There's a flag hidden in this haystack.

977KB

haystack.txt

Haystack

Search in the document "easyctf{" and it will find the flag

Flag: easyctf{iBfbRnwyuEImrogHTqVHFgMvL}

Look At Flag - Forensics [30 pts]

What is the flag?

Hint: What is this file?

15KB

look_at_flag.txt

Flag.txt

If you open the flag in a word document it starts with PNG at the top. Change the file extension name from .txt to .png and you get this image.

Flag: easyctf{FLaaaGGGGGg}

EzSteg - Forensics [30 pts]

There appears to be a message beyond what you can see in soupculents.jpg

Hint: The description is a hint

25KB

soupculents.jpg

image

Soupculents.jpg

Running the command below it prints out gibberish and near the end, it prints out the flag

strings soupculents.jpg

Flag: easyctf{l00k_at_fil3_sigS}

Markov's Bees - Linux [50 pts]

Head over to the shell and see if you can find the flag at /problems/markovs_bees/ !

Hint: Don't do this by hand

Start by connecting to the server like in Intro: Linux problem and move to a directory by cd

cd /problems/markovs_bees/

If you do ls you see there is a heck of a lot of files which is why I see the don't do it by hand hint. Use the grep command to find it by our known phrase "easyctf{"

grep -rn "easyctf"
bees/c/e/i/bee913.txt:easyctf{grepping_stale_memes_is_fun}

Flag: easyctf{grepping_stale_memes_is_fun}

Hexedit - Rev [50 pts]

Can you find the flag in this file?

2KB

hexedit.zip

archive

hexedit

Doesn't need disassembling which is what I tried at first since it is an ELF file

strings hexedit | grep easyctf
easyctf{eb04fadf}

Flag: easyctf{eb04fadf}

Programming: Taking Input - Programming [30 pts]

OK, OK, you got Hello, world down, but can you greet specific people? You'll be given the input of a certain name. Please greet that person using the same format. For example, if the given input is Michael, print Hello, Michael!.

• For Python, consider the input() function.

• For Java, consider System.in.

• For C, consider including stdio.h and reading input using read.

• For C++, consider including iostream and reading input using cin.

This time I used C++ for code

#include<iostream>
#include<string>
int main() {
    std::string name;
    std::getline (std::cin, name);
    std::cout << "Hello, " << name << "!";
    return 0;
}

Flag: None

Programming: Teaching Old Tricks New Dog - Programming [?? pts]

None

import java.util.Scanner;

public class Main {
    public static void main(String args[]) {
        Scanner scan = new Scanner(System.in);
        String q = "abcdefghijklmnopqrstuvwxyz";
        int a = scan.nextInt();
        scan.nextLine();
        String s = scan.nextLine();
        char ch[] = s.toCharArray();
        for(char c:ch) {
            if(q.contains((c+ ""))) { // Checking if valid character
                int ne = q.indexOf(c) - a;
                if(ne < 0) { // Checking valid spot
                    ne += 26;
                }
                System.out.print(q.charAt(ne) + ""); 
            } else {
                System.out.print(c);
            }
        }
    }
}

Flag: Unknown

Programming: Over and Over - Programming [40 pts]

You can decode a Caesar cipher, but can you write a program to decode a Caesar cipher? Your program will be given 2 lines of input, and your program needs to output the original message.

• First line contains N, an integer representing how much the key was shifted by. 1 <= N <= 26

• Second line contains the ciphertext, a string consisting of lowercase letters and spaces.

  For example:

• 6

• o rubk kgyeizl

  You should print

• i love easyctf

My Java code for this problem

import java.util.Scanner;
public class Main {
    public static void main(String args[]) {
        Scanner scan = new Scanner(System.in);
        int N = scan.nextInt();
        scan.nextLine();
        System.out.print("over");
        for(int i =1;i < N;i++) {
            System.out.print(" and over");
        }
        System.out.println();
    }
}

Flag: None

Substitute - Crypto [50 pts]

Nobody can guess the flag! msg.txt

Hint: Look at the title

211B

MSG.txt

msg.txt

I manually tried to solve the substitution by using Word and got this message.

YO! NICEBOWLOFSOUP JUST MADE A NEW FLAG FOR THE CTF AND IS TOTALLY PROUD OF ITS INGENUITY. THIS IS ALSO THE SECOND PROBLEM EVER MADE FOR EASYCTF. HERE: EASYCTF{THIS_IS_AN_EASY_FLAG_TO_GUESS} USE CAPITAL LETTERS.

Flag: EASYCTF{THIS_IS_AN_EASY_FLAG_TO_GUESS}

Programming: Exclusive - Programming [20 pts]

Given two integers a and b, return a xor b. Remember, the xor operator is a bitwise operator that's usually represented by the ^ character. For example, if your input was 5 7, then you should print 2.

import java.util.Scanner;
public class Main {
    public static void main(String args[]) {
        Scanner scan = new Scanner(System.in);
        int a = scan.nextInt();
        int b = scan.nextInt();
        scan.nextLine();
        System.out.println(a ^ b);
        
    }
}

Flag: None

Xor - Crypto [50 pts]

A flag has been encrypted using single-byte xor. Can you decrypt it?

36B

xor.txt

xor file

I wrote in java code that would test every xor combination

public class xor {
	public static void main(String args[]) {
		String xo = "*.<6,;)4*&#:8!?.(\":,5(:%,;+<%75.>2";
		for(char c: xo.toCharArray()) {
			System.out.print(((char)(79 ^ ((int)c)))); // Xoring what is needed
		}
		System.out.println();
		for(int i = 0 ; i < 255;i++) { // Brute force the {
			char s = (char)(i ^ ("4".charAt(0)));
			if(s == '{') {
				System.out.println(i + " " + s);
			}
		}
	}
}

Flag: easyctf{xwntqvvoqrzpzbnjzlshnjqro}

Diff - Forensics [100 pts] [Unsolved]

Sometimes, the differences matter. Especially between the files in this archive. Hint: This is a TAR archive file. You can extract the files inside this tar by navigating to the directory where you downloaded it and running tar xf file.tar! If you don't have tar on your personal computer, you could try doing it from the Shell server. Once you extract the files, try comparing the hex encodings of the files against the first file.

Hint: Check the man page for diff by typing "man diff".

12KB

Diff.zip

archive

file.tar

First using xxd with the following commands

xxd file > file1.hex
xxd file2 > file2.hex
xxd file3 > file3.hex
xxd file4 > file4.hex

This would now make it easier to use diff and getting these results

diff < file1.hex < file2.hex
easyctfDD{di
diff < file1.hex < file3.hex
f`|`f|initlan_
diff < file1.hex < file4.hex
ez_problem!}

resulting in easyctfDD{dif'|'f|initlan_ez_problem!} which I removed the weird letters from and got easyctfDD{diffinitlan_ez_problem!} which didn't follow the format and didn't spell anything so I didn't submit it.