MasterWard Profile
  • Introduction
  • Media Links
  • Resume
  • HackThebox Notes
    • RedPanda
    • Metatwo
  • CTF Contest Writeups
    • 2017
      • Takoma Park CTF
      • TUCTF 2017
      • HITCON CTF 2017 Quals
      • CSAW CTF Qualification Round 2017
      • SEC-T CTF
      • Backdoor CTF 2017
      • Hack Dat Kiwi 2017
      • Kaspersky 2017
      • Hack.lu 2017
      • HackCon 2017
      • Defcamp 2017
      • Square CTF 2017
      • Mitre 2017
      • EKOPARTY CTF 2017
    • 2018
      • SEC-T CTF
      • Hackcon 2018
      • EasyCTF IV 2018
      • DefCamp CTF Qualifiers
      • PACTF 2018
      • CSAW CTF Qualifiers 2018
      • PicoCTF 2018
    • 2019
      • Newark Academy CTF 2019
      • Crypto CTF 2019
      • PicoCTF 2019
        • General Skills
        • Binary Exploitations
        • Forensics
        • Reverse Engineering
        • Cryptography
        • Web Exploitation
      • TAMUctf 19
    • 2021
      • picoCTF 2021
        • General Skills
        • Binary Exploitation
        • Forensics
        • Reverse Engineering
        • Cryptography
        • Web Exploitation
      • HackiHoli
      • S.H.E.L.L CTF
      • DawgCTF 2021
      • TCTF 2021
      • RedPwnCTF 2021
      • IJCTF 2021
      • UIUCTF 2021
      • Really Awesome CTF 2021
      • TMUCTF 2021
      • CSAW Qualifiers 2021
      • Pbjar CTF 2021
      • Deadface CTF 2021
    • 2022
      • NahamCon CTF 2022
      • BYUCTF 2022
      • DEF CON Qualifiers 2022
    • Useful Code
  • Software
    • Video Standardization and Compression
    • TOBIAS
    • Tracking Phone
    • Image Compression
    • Do Not Call Database
    • Color Blind Simulator
    • Gmail Unsubscriber
    • MP4 to GIF Converter
    • Optical Character Reading
    • Soft Jobs
    • OBD Project
    • Online Movie Finder
    • Work In Progress
      • Incremental Backup
      • Web Scraper - Wallpaper Edition
      • Web Blocker
      • File Manipulator
      • AppFiller
      • Cyber Security Projects
      • Bsaber AI
    • Ideas
      • CAN Programming
      • Malicious Programs
      • Remove Yourself from the Internet
      • DNA Classic
      • Auto Clicker
      • Adding Depth to a Video
      • Collage Mosaic Generator
      • Game Destroyer
      • Hearing aid Technology
      • Sign Language Recognition
      • Text Summarizer
      • Video to audio to text
      • Video Object Detection
      • VR demonstration
      • More Ideas to Elaborate on
    • Failure
      • Police Camera Radar
      • Already Created
      • Google Maps Game
      • Car price prediction
      • Bullshit Detector
      • Automated Code writter
      • Career Prediction
      • Samsung Remote Control Hack
      • Invalid Finder
      • PiHole Regex Filter
      • Group Archiver
  • Additional Articles
    • Cleaning Up a Computer Tricks
    • Getting started in Cyber Security
    • Speeding Up Your Internet
    • College Experience
    • Currently Writting
      • Reverse Engineering Notes
      • Bug Bounty Guide and Examples
      • OSCP help
      • Job Experience
      • Professional Job-Hunting Experience
Powered by GitBook
On this page
  • Glory of the Garden [50 pts]
  • So Meta [150 pts]
  • shark on wire 1 [150 pts] [Not Solved]
  • extensions [150 pts]
  • What Lies Within [150 pts]
  • m00nwalk [250 pts] [Not Solved]
  • WhitePages [250 pts]
  • c0rrupt [250 pts] [Not Solved]
  • like1000 [250 pts] [Not Solved]
  • m00nwalk2 [300 pts] [Not Solved]
  • Investigative Reversing 0 [300 pts] [Not Solved]
  • shark on wire 2 [300 pts] [Not Solved]
  • Investigative Reversing 2 [350 pts] [Not Solved]
  • Investigative Reversing 1 [350 pts] [Not Solved]
  • WebNet0 [450 pts] [Not Solved]
  • Investigative Reversing 4 [400 pts] [Not Solved]
  • Investigative Reversing 3 [400 pts] [Not Solved]
  • WebNet1 [450 pts] [Not Solved]
  • investigation_encoded_1 [450 pts] [Not Solved]
  • investigative_encoding_2 [500 pts] [Not Solved]
  • B1g_Mac [500 pts] [Not Solved]

Was this helpful?

  1. CTF Contest Writeups
  2. 2019
  3. PicoCTF 2019

Forensics

Glory of the Garden [50 pts]

Description

This garden contains more than it seems. Hint: What is a hex editor?

Solution

Being the most basic flag I assumed it would have the flag in the file in plain text but after the image. I used a simple command and the last line printed out the flag. strings garden.jpg

Flag: picoCTF{more_than_m33ts_the_3y3657BaB2C}

So Meta [150 pts]

Description

Find the flag in this picture.

Solution

Gave hint of the title "meta" so I used the built-in tool

exiftool pico_img.png

Flag: picoCTF{s0_m3ta_fec06741}

shark on wire 1 [150 pts] [Not Solved]

Description

We found this packet capture. Recover the flag.

Solution

a

Flag:

extensions [150 pts]

Description

This is a really weird text file TXT? Can you find the flag?

Solution

Either by trying to open, using the file flag.txt command, or hex editor flag.txt the conclusion is the same. It is a PNG file.

Flag: picoCTF{now_you_know_about_extensions}

What Lies Within [150 pts]

Description

There's something in the building. Can you retrieve the flag?

Solution

Using this online website's decoder function to find the flag.

Flag: picoCTF{h1d1ng_1n_th3_b1t5}

m00nwalk [250 pts] [Not Solved]

Description

Decode this message from the moon.

Solution

a

Flag:

WhitePages [250 pts]

Description

I stopped using YellowPages and moved onto WhitePages... but the page they gave me is all blank!

Solution

I know the file is filled with spaces but looking through hex editor it isn't spaces but more of other types of hex that are not viewable. I noticed it was a "." and " " pattern denoting 1's and 0's with hex "E2", "80", "83", and "20". Hmmm 4 but only needed 2... You can notice that the two patterns are E28083 and 20. Taking that and converting the bits in the file gets a bunch of 10 which goes to ASCII flag.

import binascii

def text_from_bits(bits, encoding='utf-8', errors='surrogatepass'):
    n = int(bits, 2)
    return int2bytes(n).decode(encoding, errors)

def int2bytes(i):
    hex_string = '%x' % i
    n = len(hex_string)
    return binascii.unhexlify(hex_string.zfill(n + (n & 1)))
    
with open("whitepages.txt", "rb") as bin_file:
	data = bytearray(bin_file.read()) 
	data = data.replace(b'\xe2\x80\x83', b'0')
	data = data.replace(b'\x20', b'1')
	data = data.decode("ascii")
	print(data)
	print(text_from_bits(data))

Output

00001010000010010000100101110000011010010110001101101111010000110101010001000110000010100000101000001001000010010101001101000101010001010010000001010000010101010100001001001100010010010100001100100000010100100100010101000011010011110101001001000100010100110010000000100110001000000100001001000001010000110100101101000111010100100100111101010101010011100100010000100000010100100100010101010000010011110101001001010100000010100000100100001001001101010011000000110000001100000010000001000110011011110111001001100010011001010111001100100000010000010111011001100101001011000010000001010000011010010111010001110100011100110110001001110101011100100110011101101000001011000010000001010000010000010010000000110001001101010011001000110001001100110000101000001001000010010111000001101001011000110110111101000011010101000100011001111011011011100110111101110100010111110110000101101100011011000101111101110011011100000110000101100011011001010111001101011111011000010111001001100101010111110110001101110010011001010110000101110100011001010110010001011111011001010111000101110101011000010110110001011111011000110011010100110100011001100011001000110111011000110110010000110000001101010110001100110010001100010011100000111001011001100011100000110001001101000011011101100011011000110011011001100110001101010110010001100101011000100011001001100101001101010011011001111101000010100000100100001001 picoCTF SEE PUBLIC RECORDS & BACKGROUND REPORT 5000 Forbes Ave, Pittsburgh, PA 15213 picoCTF{not_all_spaces_are_created_equal_c54f27cd05c2189f8147cc6f5deb2e56}

Flag: picoCTF{not_all_spaces_are_created_equal_c54f27cd05c2189f8147cc6f5deb2e56}

c0rrupt [250 pts] [Not Solved]

Description

We found this file. Recover the flag.

Solution

a

Flag:

like1000 [250 pts] [Not Solved]

Description

This .tar file got tarred a lot.

Solution

a

Flag:

m00nwalk2 [300 pts] [Not Solved]

Description

Revisit the last transmission. We think this transmission contains a hidden message. There are also some clues clue 1, clue 2, clue 3.

Solution

a

Flag:

Investigative Reversing 0 [300 pts] [Not Solved]

Description

We have recovered a binary and an image. See what you can make of it. There should be a flag somewhere.

Solution

a

Flag:

shark on wire 2 [300 pts] [Not Solved]

Description

We found this packet capture. Recover the flag that was pilfered from the network.

Solution

a

Flag:

Investigative Reversing 2 [350 pts] [Not Solved]

Description

We have recovered a binary and an image See what you can make of it. There should be a flag somewhere.

Solution

a

Flag:

Investigative Reversing 1 [350 pts] [Not Solved]

Description

We have recovered a binary and a few images: image, image2, image3. See what you can make of it. There should be a flag somewhere.

Solution

a

Flag:

WebNet0 [450 pts] [Not Solved]

Description

We found this packet capture and key. Recover the flag.

Solution

a

Flag:

Investigative Reversing 4 [400 pts] [Not Solved]

Description

We have recovered a binary and 5 images: image01, image02, image03, image04, image05. See what you can make of it. There should be a flag somewhere.

Solution

a

Flag:

Investigative Reversing 3 [400 pts] [Not Solved]

Description

We have recovered a binary and an image See what you can make of it. There should be a flag somewhere.

Solution

a

Flag:

WebNet1 [450 pts] [Not Solved]

Description

We found this packet capture and key. Recover the flag.

Solution

a

Flag:

investigation_encoded_1 [450 pts] [Not Solved]

Description

We have recovered a binary and 1 file: image01. See what you can make of it. NOTE: The flag is not in the normal picoCTF{XXX} format.

Solution

a

Flag:

investigative_encoding_2 [500 pts] [Not Solved]

Description

We have recovered a binary and 1 file: image01. See what you can make of it. NOTE: The flag is not in the normal picoCTF{XXX} format.

Solution

a

Flag:

B1g_Mac [500 pts] [Not Solved]

Description

Here's a zip file.

Solution

a

Flag:

PreviousBinary ExploitationsNextReverse Engineering

Last updated 3 years ago

Was this helpful?