DEADFACE CTF 2022 // Dreaming of You

Christian Leipold/ Oktober 18, 2022/ IT-Security, Write-Ups/ 0Kommentare

Dreaming of You TYPE: TRAFFIC ANALYSIS PCAP Challenge Someone doesn´t understand networking traffic. Now I know their deepest crush. Can you find the flag from the PCAP file? Submit the flag as flag{text}. Download File SHA1: 1c99dee5307143e7dad0f0a19e58ad431eb5b8ce Solution Downloaded the provided file and opened it with wireshark. Just searched for flag and here it is: EASY 5 points: flag{longing_for_nancy}

DEADFACE CTF 2022 // Going Old School

Christian Leipold/ Oktober 18, 2022/ IT-Security, Write-Ups/ 0Kommentare

GOING OLD SCHOOL TYPE: CRYPTOGRAPHY Challenge Unable to use their RSA encryption program, luciafer resorts to using old school techniques to send a message out to the team. Can you decipher the code and find the flag? Submit the flag as flag{flag text} Download Image SHA1: 1afcf5cc3a64f3924f27425ed344fbe4545c5554 env.deadface.io Solution The link provided was the following image. At first sight we

Weiterlesen

DEADFACE CTF 2022 // Pandora´s Box

Christian Leipold/ Oktober 18, 2022/ IT-Security, Write-Ups/ 0Kommentare

Pandora´s Box TYPE: CRYPTOGRAPHY Challenge Pandora´s box, we have found it! Even better, the last travelers knew the numbered code to get in but they couldn’t figure out the transcription. Figure out the the transcription’s translation to find the flag! Download Image SHA1: 8e613787658d2d5828448aa182e2bb4904c124a8 Submit the flag as: flag{word_word_word_word} Solution Given was the follwing image So it looks like that

Weiterlesen

DEADFACE CTF 2022 // Passing on Complexity

Christian Leipold/ Oktober 18, 2022/ IT-Security, Write-Ups/ 0Kommentare

Passing on Complexity TYPE: TRAFFIC ANALYSIS PCAP Challenge ESU’s IT staff swears up and down that the backup user’s password is secure and follows best practice. Their internal auditors are not convinced and are asking for your help to determine the backup user’s password at the time of the breach. Submit the flag as flag{password}. Use the packet capture from

Weiterlesen

DamCTF 2021: rev – seed / Writeup

Christian Leipold/ November 11, 2021/ IT-Security, Write-Ups/ 0Kommentare

DamCTF 2021 rev/seed m0x Having a non-weak seed when generating "random" numbers is super important! Can you figure out what is wrong with this PRNG implementation? seed.py is the Python script used to generate the flag for this challenge. log.txt is the output from the script when the flag was generated. What is the flag? Downloads log.txt seed.py Given was

Weiterlesen

DamCTF 2021: malware – sneaky-script / Writeup

Christian Leipold/ November 11, 2021/ IT-Security, Write-Ups/ 0Kommentare

DamCTF 2021 malware/sneaky-script (forensics/rev) captainGeech We recovered a malicious script from a victim environment. Can you figure out what it did and if any sensitive information was exfiltrated? We were able to export some PCAP data from their environment as well. Downloads files.zip Given was a pcap file and a bash script. -rwxr-xr-x 1 root root 516 5. Nov 05:35

Weiterlesen

DamCTF 2021: misc – bad-patterns / Writeup

Christian Leipold/ November 11, 2021/ IT-Security, Write-Ups/ 0Kommentare

DamCTF 2021 misc/bad-patterns BaboonWithTheGoon A hacker was too lazy to do proper encryption. However, they left us some examples of how their encryption "algo" was supposed to work. original text : "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris

Weiterlesen