# EasyCTF IV 2018
## Discord - Misc \[1 pt]
> Join the Discord chat! Maybe if you use it enough, you'll find the flag.
>
> Hint: The link to joining the Discord is on our Updates page ;) Make sure you read the info channel.
Solution: Join the discord server and the flag is in the channel description
Flag: easyctf{Is\_this\_really\_a\_D1sc0rd\_fl4g!}
## Intro: Hello, world! - Misc \[1 pt]
> Using your favorite language of choice, print Hello, world! to the output.
>
> * For Python, consider the print function.
> * For Java, consider System.out.println.
> * For CXX, consider including stdio.h and using the printf function.
>
> Hint: If you're not sure how to do this, try searching Google for how to make "Hello world!" programs in your language of choice.
I decided to use Java
```java
public class Main {
public static void main(String args[]) {
System.out.println("Hello, world!");
}
}
```
**Flag:** None
## Intro: Linux - Intro \[10 pt]
> Log into the shell server! You can do this in your browser by clicking on the Shell server link in the dropdown in the top right corner, or using an SSH client by following the directions on that page. Once you've logged in, you'll be in your home directory. We've hidden something there! Try to find it. :)
Connecting to the shell server \[username: user46667]
```
ssh user46667@s.easyctf.com
```
Then execute command to list all the files \[if you do 'ls' by itself it will not work]
```
user46667@shell:~$ ls -lA
total 1
-rw-r--r-- 1 user666 ctfuser 41 Feb 7 21:16 .flag
```
Now we know there is a file so we just have to read it
```
user46667@shell:~$ cat .flag
easyctf{i_know_how_2_find_hidden_files!}
```
Flag: easyctf{i\_know\_how\_2\_find\_hidden\_files!}
## Intro: Web - Intro \[10 pts]
> The web goes well beyond the surface of the browser! Warm up your web-sleuthing skills with this challenge by finding the hidden flag on this page!
>
> Hint: Not sure where to look? Try looking up 'source code', specifically related to web pages.
If you look at the source code you can find the flag
Flag: easyctf{hidden\_from\_the\_masses\_11a8b2}
## Intro: Netcat - Intro \[20 pts]
> I've got a little flag for you! Connect to `c1.easyctf.com:12481` to get it, but you can't use your browser! (Don't know how to connect? Look up TCP clients like Netcat. Hint: the Shell server has Netcat installed already!) Here's your player key: `3770529`. Several challenges might ask you for one, so you can get a unique flag!
Going through the prompt this is what terminal should look like
```
nc c1.easyctf.com 12481
enter your player key: 3770529
thanks! here's your key: easyctf{hello_there!_C06DFE0d60723Bec}
```
Flag: easyctf{hello\_there!\_C06DFE0d60723Bec}
## Intro: Hashing - Misc \[20 pts]
> Cryptographic hashes are pretty cool! Take the SHA-512 hash of this file, and submit it as your flag.
>
> Hint: Try searching the web to find out what SHA-512 is.
{% file src="" %}
You can use an online tool or the command`sha512sum hashing.png` in Linux which results in ce53d733c0d7738c7a390c21ef65e8b4746795d6d6c2b8269c810bc53784bfebfeaefbc6b66e95b84b5d2eed9ae72169b960ba5ee50846233935dc903476a20f
Flag: easyctf{ce53d733c0d7738c7a390c21ef65e8b4746795d6d6c2b8269c810bc53784bfebfeaefbc6b66e95b84b5d2eed9ae72169b960ba5ee50846233935dc903476a20f}
## The Oldest Trick in the Book - Intro \[10 pts]
> This is literally one of oldest tricks in the book. To be precise, from the year AD 56. Crack me. `lhzfjam{d3sj0t3_70_345fj7m_799h21}`
>
> Hint: Et tu, Brute?
I know that lhzfjam{...} == easyctf{...} and through ascii math. L = 76, E = 69 (nice), 76 - 69 = 7. I tried rot7 and got easyctf{w3lc0m3\_70\_345yc7f\_799a21}
Flag: easyctf{w3lc0m3\_70\_345yc7f\_799a21}
## Soupreme Encoder - Crypto \[20 pts]
> Decode this `8657869745f6d6174655f3432386533653538623765623463636232633436`
>
> Hint: It's encoded!
If it looks like hex code, taste like hex code, and sounds like hex code. It is most likely hex code. So decoding it from hex to ASCII the text is hexit\_mate\_428e3e58b7eb4ccb2c46
Flag: easyctf{hexit\_mate\_428e3e58b7eb4ccb2c46}
## Haystack - Forensics \[30 pts]
> There's a flag hidden in this haystack.
{% file src="" %}
Haystack
{% endfile %}
Search in the document "easyctf{" and it will find the flag
Flag: easyctf{iBfbRnwyuEImrogHTqVHFgMvL}
## Look At Flag - Forensics \[30 pts]
> What is the flag?
>
> Hint: What is this file?
{% file src="" %}
Flag.txt
{% endfile %}
If you open the flag in a word document it starts with PNG at the top. Change the file extension name from .txt to .png and you get this image.
Flag: easyctf{FLaaaGGGGGg}
## EzSteg - Forensics \[30 pts]
> There appears to be a message beyond what you can see in soupculents.jpg
>
> Hint: The description is a hint
{% file src="" %}
Soupculents.jpg
{% endfile %}
Running the command below it prints out gibberish and near the end, it prints out the flag
```
strings soupculents.jpg
```
Flag: easyctf{l00k\_at\_fil3\_sigS}
## Markov's Bees - Linux \[50 pts]
> Head over to the shell and see if you can find the flag at `/problems/markovs_bees/` !
>
> Hint: Don't do this by hand
Start by connecting to the server like in Intro: Linux problem and move to a directory by cd
```
cd /problems/markovs_bees/
```
If you do ls you see there is a heck of a lot of files which is why I see the don't do it by hand hint. Use the grep command to find it by our known phrase "easyctf{"
```
grep -rn "easyctf"
bees/c/e/i/bee913.txt:easyctf{grepping_stale_memes_is_fun}
```
Flag: easyctf{grepping\_stale\_memes\_is\_fun}
## Hexedit - Rev \[50 pts]
> Can you find the flag in this file?
{% file src="" %}
hexedit
{% endfile %}
Doesn't need disassembling which is what I tried at first since it is an ELF file
```
strings hexedit | grep easyctf
easyctf{eb04fadf}
```
Flag: easyctf{eb04fadf}
## Programming: Taking Input - Programming \[30 pts]
> OK, OK, you got Hello, world down, but can you greet specific people? You'll be given the input of a certain name. Please greet that person using the same format. For example, if the given input is Michael, print Hello, Michael!.
>
> * For Python, consider the input() function.
> * For Java, consider System.in.
> * For C, consider including stdio.h and reading input using read.
> * For C++, consider including iostream and reading input using cin.
This time I used C++ for code
```cpp
#include
#include
int main() {
std::string name;
std::getline (std::cin, name);
std::cout << "Hello, " << name << "!";
return 0;
}
```
Flag: None
## Programming: Teaching Old Tricks New Dog - Programming \[?? pts]
> None
```java
import java.util.Scanner;
public class Main {
public static void main(String args[]) {
Scanner scan = new Scanner(System.in);
String q = "abcdefghijklmnopqrstuvwxyz";
int a = scan.nextInt();
scan.nextLine();
String s = scan.nextLine();
char ch[] = s.toCharArray();
for(char c:ch) {
if(q.contains((c+ ""))) { // Checking if valid character
int ne = q.indexOf(c) - a;
if(ne < 0) { // Checking valid spot
ne += 26;
}
System.out.print(q.charAt(ne) + "");
} else {
System.out.print(c);
}
}
}
}
```
Flag: Unknown
## Programming: Over and Over - Programming \[40 pts]
> You can decode a Caesar cipher, but can you write a program to decode a Caesar cipher? Your program will be given 2 lines of input, and your program needs to output the original message.
>
> * First line contains N, an integer representing how much the key was shifted by. 1 <= N <= 26
> * Second line contains the ciphertext, a string consisting of lowercase letters and spaces.
>
> For example:
> * `6`
> * `o rubk kgyeizl`
>
> You should print
> * `i love easyctf`
My Java code for this problem
```java
import java.util.Scanner;
public class Main {
public static void main(String args[]) {
Scanner scan = new Scanner(System.in);
int N = scan.nextInt();
scan.nextLine();
System.out.print("over");
for(int i =1;i < N;i++) {
System.out.print(" and over");
}
System.out.println();
}
}
```
Flag: None
## Substitute - Crypto \[50 pts]
> Nobody can guess the flag! msg.txt
>
> Hint: Look at the title
{% file src="" %}
msg.txt
{% endfile %}
I manually tried to solve the substitution by using Word and got this message.
YO! NICEBOWLOFSOUP JUST MADE A NEW FLAG FOR THE CTF AND IS TOTALLY PROUD OF ITS INGENUITY. THIS IS ALSO THE SECOND PROBLEM EVER MADE FOR EASYCTF. HERE: EASYCTF{THIS\_IS\_AN\_EASY\_FLAG\_TO\_GUESS} USE CAPITAL LETTERS.
Flag: EASYCTF{THIS\_IS\_AN\_EASY\_FLAG\_TO\_GUESS}
## Programming: Exclusive - Programming \[20 pts]
> Given two integers a and b, return a xor b. Remember, the xor operator is a bitwise operator that's usually represented by the ^ character. For example, if your input was 5 7, then you should print 2.
```java
import java.util.Scanner;
public class Main {
public static void main(String args[]) {
Scanner scan = new Scanner(System.in);
int a = scan.nextInt();
int b = scan.nextInt();
scan.nextLine();
System.out.println(a ^ b);
}
}
```
Flag: None
## Xor - Crypto \[50 pts]
> A flag has been encrypted using single-byte xor. Can you decrypt it?
{% file src="" %}
xor file
{% endfile %}
I wrote in java code that would test every xor combination
```java
public class xor {
public static void main(String args[]) {
String xo = "*.<6,;)4*&#:8!?.(\":,5(:%,;+<%75.>2";
for(char c: xo.toCharArray()) {
System.out.print(((char)(79 ^ ((int)c)))); // Xoring what is needed
}
System.out.println();
for(int i = 0 ; i < 255;i++) { // Brute force the {
char s = (char)(i ^ ("4".charAt(0)));
if(s == '{') {
System.out.println(i + " " + s);
}
}
}
}
```
Flag: easyctf{xwntqvvoqrzpzbnjzlshnjqro}
## Diff - Forensics \[100 pts] \[Unsolved]
> Sometimes, the differences matter. Especially between the files in this archive.\
> Hint: This is a TAR archive file. You can extract the files inside this tar by navigating to the directory where you downloaded it and running tar xf file.tar! If you don't have tar on your personal computer, you could try doing it from the Shell server. Once you extract the files, try comparing the hex encodings of the files against the first file.
>
> Hint: Check the man page for diff by typing "man diff".
{% file src="" %}
file.tar
{% endfile %}
First using xxd with the following commands
```
xxd file > file1.hex
xxd file2 > file2.hex
xxd file3 > file3.hex
xxd file4 > file4.hex
```
This would now make it easier to use diff and getting these results
```
diff < file1.hex < file2.hex
easyctfDD{di
diff < file1.hex < file3.hex
f`|`f|initlan_
diff < file1.hex < file4.hex
ez_problem!}
```
resulting in easyctfDD{dif'|'f|initlan\_ez\_problem!} which I removed the weird letters from and got\
easyctfDD{diffinitlan\_ez\_problem!} which didn't follow the format and didn't spell anything so I didn't submit it.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://codingmace.gitbook.io/masterward/ctf/2018/easyctf-iv-2018.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.