picoCTF 2022: binary-exploitation – CVE-XXXX-XXXX

Ulli Weichert/ April 5, 2022/ IT-Security, Write-Ups/ 0Kommentare

CVE-XXXX-XXXX Description Enter the CVE of the vulnerability as the flag with the correct flag format: picoCTF{CVE-XXXX-XXXXX} replacing XXXX-XXXXX with the numbers for the matching vulnerability. The CVE we’re looking for is the first recorded remote code execution (RCE) vulnerability in 2021 in the Windows Print Spooler Service, which is available across desktop and server versions of Windows operating systems.

Weiterlesen

picoCTF 2022: binary-exploitation – basic-file-exploit

Ulli Weichert/ April 4, 2022/ IT-Security, Write-Ups/ 0Kommentare

basic-file-exploit Description The program provided allows you to write to a file and read what you wrote from it. Try playing around with it and see if you can break it! Connect to the program with netcat: $ nc saturn.picoctf.net 49698 The program’s source code with the flag redacted can be downloaded here. Solving Netcat into the service via given

Weiterlesen

picoCTF 2022: Crypto – substitution challenges

Ulli Weichert/ April 4, 2022/ IT-Security, Write-Ups/ 0Kommentare

Substitution Challenges Because this challenges are all very similar, we will not describe them in own articles 🙂 . Solving Substitutions cypher replace the 26 letters of an alphabet with other letters (one letter matches only one other). If you can find out which letter was replaced with which letter, then you can crack this cypher relatively easily. The best

Weiterlesen

picoCTF 2022: Crypto – rail-fence

Ulli Weichert/ April 3, 2022/ IT-Security, Write-Ups/ 0Kommentare

rail-fence Description A type of transposition cipher is the rail fence cipher, which is described here. Here is one such cipher encrypted using the rail fence with 4 rails. Can you decrypt it? Download the message here. Put the decoded message in the picoCTF flag format, picoCTF{decoded_message}. Solving So – there is everything we need to know in the challenge

Weiterlesen

picoCTF 2022: Crypto – Diffie Hellman

Ulli Weichert/ April 3, 2022/ IT-Security, Write-Ups/ 0Kommentare

diffie-hellman Description Alice and Bob wanted to exchange information secretly. The two of them agreed to use the Diffie-Hellman key exchange algorithm, using p = 13 and g = 5. They both chose numbers secretly where Alice chose 7 and Bob chose 3. Then, Alice sent Bob some encoded text (with both letters and digits) using the generated key as

Weiterlesen

picoCTF 2022: Crypto – Morse Code

Ulli Weichert/ April 3, 2022/ IT-Security, Write-Ups/ 0Kommentare

morse-code Description Morse code is well known. Can you decrypt this? Download the file here. Wrap your answer with picoCTF{}, put underscores in place of pauses, and use all lowercase. Solving The soundfile is a morse code You could either translate it by your self with the morse alphabet or use this link Change all characters to lowercase and replace

Weiterlesen

picoCTF 2022: Crypto – credstuff

Ulli Weichert/ April 3, 2022/ IT-Security, Write-Ups/ 0Kommentare

credstuff Description We found a leak of a blackmarket website’s login credentials. Can you find the password of the user cultiris and successfully decrypt it? Download the leak here. The first user in usernames.txt corresponds to the first password in passwords.txt. The second user corresponds to the second password, and so on. Solving We got a tar file – extract

Weiterlesen