Monthly Archives: February 2015
PragyanCTF

Another nice CTF. This one was pretty laid back went for over a weeks time.  Seemed to have a lot of Stego and crypto challenges pretty low on an type of reverse or forensics. Everything seems to have gone smoothly I didn’t notice any issues. Some members of OverflowSecurity were in and out of the challenges. Here are the write ups for the ones that I completed.

STEGO

Put on your reading glasses (10 pts)
run strings on file. flag is on the bottom

strings Proxy.jpg

M}EU]sF
1Z5;”A
kjiFF
16bbee7466db38dad50701223d57ace8

 

What you see is what you get. (50 pts)

run strings the bottom shows us the program used and key to extract

#strings stego_50.jpg
:W9K
QIK@
RP!h
usethisUT
steghide.sourceforge.net/download.phpPK
usethisUT
Delta_Force\m/

steghide –extract -sf stego_50.jpg
Enter passphrase:
wrote extracted data to “key_stego_1”.
root@kali:~/CTF/pragyan/stego/what-you-see-is-what-you-get# ls
key_stego_1 stegcrack.pl stego_50.jpg
root@kali:~/CTF/pragyan/stego/what-you-see-is-what-you-get# cat key_stego_1
Congrats! This was way too wasy 😛

This is the key:

PrAgyaNCTF_sTeg1_key

 

CRYPTO

One more headache (20 pts)

This is a PRGYAN event
text file called substitution given with the following text
dhkuagsn
assuming that PRGYAN is the key

used an online decoder
http://www.braingle.com/brainteasers/codes/keyword.php

entered key: prgyanpr cipher text: dhkuagsn

solution: ilovectf

 

FORENSICS
Access Code (30pts)
Find the access code

a PDF is shown

pdg-image

 

RIP JPEG from PDF ( can right click and save it)

this is the JPEG

out-000

Did a google image search via drag and drop image into search box and find the artist name is Sascha Herm

The PDF said KEYED painter so go to online keyword cipher decoder
http://www.braingle.com/brainteasers/codes/keyword.php

use KEY: saschahermsasch
with Cipher Text: heitsctrnpsmysk
and get the flag: deltactfpragyan

 

MISC
Totally abstruse (30 pts)

no point guessing

was given an image.

world

A goggle image  search on this images brought up the Piet programming language.
found an online interpreter at
http://www.bertnase.de/npiet/npiet-execute.php

execute the image/code

Hi,
Welcome to npiet online !

Info: upload status: Ok
Info: found picture width=115 height=115 and codel size=5
Uploaded picture (shown with a small border): world.png

Info: executing: npiet -e 1000000 world.png

Hello, world!

Flag: Hello, world!