mirror of
https://github.com/AbdullahRizwan101/CTF-Writeups
synced 2024-11-25 05:10:23 +00:00
Add files via upload
parent
fc1a28e09c
commit
e183e327c1
9 changed files with 211 additions and 0 deletions
74
BsidesBOS CTF 2020/Forensics/Mercury/ReadMe.md
Normal file
|
@ -0,0 +1,74 @@
|
|||
#BsidesCTF-Mercury
|
||||
|
||||
This is a forensics category challenge and in this we are provided with a zip file
|
||||
|
||||
```
|
||||
root@kali:~/BsidesCTF/Forensics/Mercury# unzip mercury.zip
|
||||
|
||||
```
|
||||
|
||||
After extracting it
|
||||
|
||||
```
|
||||
root@kali:~/BsidesCTF/Forensics/Mercury/mercury# cd .hg
|
||||
root@kali:~/BsidesCTF/Forensics/Mercury/mercury/.hg# ls -la
|
||||
total 88
|
||||
drwxrwxr-x 5 root root 4096 Sep 5 04:24 .
|
||||
drwxrwxr-x 3 root root 4096 Sep 5 04:24 ..
|
||||
-rw-rw-r-- 1 root root 57 Sep 5 04:23 00changelog.i
|
||||
drwxrwxr-x 2 root root 4096 Sep 5 04:24 cache
|
||||
-rw-rw-r-- 1 root root 12301 Sep 5 04:24 dirstate
|
||||
-rw-rw-r-- 1 root root 44 Sep 5 04:24 last-message.txt
|
||||
-rw-rw-r-- 1 root root 59 Sep 5 04:23 requires
|
||||
drwxrwxr-x 3 root root 4096 Sep 5 04:24 store
|
||||
-rw-rw-r-- 1 root root 12301 Sep 5 04:24 undo.backup.dirstate
|
||||
-rw-rw-r-- 1 root root 0 Sep 5 04:24 undo.bookmarks
|
||||
-rw-rw-r-- 1 root root 7 Sep 5 04:24 undo.branch
|
||||
-rw-rw-r-- 1 root root 11 Sep 5 04:24 undo.desc
|
||||
-rw-rw-r-- 1 root root 12301 Sep 5 04:24 undo.dirstate
|
||||
drwxrwxr-x 2 root root 4096 Sep 5 04:24 wcache
|
||||
|
||||
```
|
||||
We find `last-message.txt` and on reading the file
|
||||
|
||||
`Y2U1ZmYzMWVhY2EyNWMwMzg1OTJhNGI3YjAxNGVjNDcK`
|
||||
|
||||
It looked like hex text so after converting it : `!....`
|
||||
|
||||
|
||||
|
||||
```
|
||||
root@kali:~/BsidesCTF/Forensics/Mercury/mercury/.hg/store# ls -la
|
||||
total 152
|
||||
drwxrwxr-x 3 root root 4096 Sep 5 04:24 .
|
||||
drwxrwxr-x 5 root root 4096 Sep 5 04:24 ..
|
||||
-rw-rw-r-- 1 root root 42269 Sep 5 04:24 00changelog.i
|
||||
-rw-rw-r-- 1 root root 32533 Sep 5 04:24 00manifest.i
|
||||
drwxrwxr-x 2 root root 28672 Sep 5 04:24 data
|
||||
-rw-rw-r-- 1 root root 10452 Sep 5 04:24 fncache
|
||||
-rw-rw-r-- 1 root root 43 Sep 5 04:23 phaseroots
|
||||
-rw-rw-r-- 1 root root 93 Sep 5 04:24 undo
|
||||
-rw-rw-r-- 1 root root 71 Sep 5 04:24 undo.backupfiles
|
||||
-rw-rw-r-- 1 root root 10400 Sep 5 04:24 undo.backup.fncache
|
||||
-rw-rw-r-- 1 root root 43 Sep 5 04:24 undo.phaseroots
|
||||
root@kali:~/BsidesCTF/Forensics/Mercury/mercury/.hg/store# cat phaseroots
|
||||
───────┬────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
|
||||
│ File: phaseroots
|
||||
───────┼────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
|
||||
1 │ 1 d84fea9fd7bdd1bc08362adbba38a07443ce748d
|
||||
───────┴────────────────────────────────────────────────────────────────────────────
|
||||
|
||||
```
|
||||
|
||||
This is SHA-1 Hash on cracking it `960cb04d1905bac1b33870f7c3ff0f2c53510619`
|
||||
|
||||
|
||||
Now there is directory named `data` and there are bunch of files maybe `binary` files.
|
||||
|
||||
Run this command `ls | xargs strings`
|
||||
|
||||
This command will first list all files since we are piping it to xargs which can run operation on multiple files so I just ran strings to check any strings are there in file and boom
|
||||
|
||||
`flag{version_control_for_the_solar_system}`
|
||||
|
||||
We got our flag.
|
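Review bot: The `last-message.txt` step mislabels the encoding: the value shown is base64 (it mixes upper and lower case letters beyond a-f, which hex never uses), and base64-decoding it yields a 32-character hex string, so the sentence "It looked like hex text so after converting it" should name base64 and show the decoded value rather than the `!....` placeholder. In the `phaseroots` step, Mercurial stores a phase number followed by a changeset node ID in that file, so the 40-hex value is a revision identifier and not a password hash; say how the value given after "on cracking it" was obtained, or drop the line. `ls | xargs strings` splits on whitespace in file names; `strings -- * | grep flag` is sturdier and shows the reader which output mattered. The heading `#BsidesCTF-Mercury` needs a space after `#` to render as a heading.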
BIN
BsidesBOS CTF 2020/Forensics/Mercury/mercury.zip
Normal file
Binary file not shown.
22
BsidesBOS CTF 2020/Warmup/Baseball/ReadMe.md
Normal file
|
@ -0,0 +1,22 @@
|
|||
# BsidesCTF-Baseball
|
||||
|
||||
|
||||
Run strings baseball
|
||||
|
||||
you will get this base64 decoded text
|
||||
|
||||
`TzRaVUNVMlRNRTRIQTZMSFBGWkdTNVpTSzVZVU1ZSllIQk5ER00zREdKTkhBVTJWSkJHVkNWMllPRlVFSzMyRE9GTUVNMkNaR0Y1RU1VUlpNUlNHS1JSWE9CQ1VVU1pZSk4ySEFWVFVPVTJGQzJDV000WlUyUVNHSlpBVFNNUT0=
|
||||
`
|
||||
|
||||
Then decode it
|
||||
|
||||
`O4ZUCU2TME4HA6LHPFZGS5ZSK5YUMYJYHBNDGM3DGJNHAU2VJBGVCV2YOFUEK32DOFMEM2CZGF5EMURZMRSGKRRXOBCUUSZYJN2HAVTUOU2FC2CWM4ZU2QSGJZATSMQ=`
|
||||
|
||||
Now this is base32 decoded text
|
||||
|
||||
`w3ASSa8pygyriw2WqFa88Z33c2ZpSUHMQWXqhEoCqXFhY1zFR9ddeF7pEJK8KtpVtu4QhVg3MBFNA92`
|
||||
|
||||
And this is base58 decoded text
|
||||
|
||||
|
||||
`flag{wow_you_hit_a_homerun_and_really_ran_the_bases_there}`
|
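Review bot: The labels "base64 decoded text", "base32 decoded text" and "base58 decoded text" are attached to strings that are still encoded at that point; each should read "encoded" (the first string is the raw content of the `baseball` file and ends in `=` padding). Name the tool used at each "Then decode it" step, for example `base64 -d` and `base32 -d`, and say which base58 decoder produced the flag, so the chain can be reproduced. The first code span opens on the string's line and closes on a line by itself; keep both backticks on the same line.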
1
BsidesBOS CTF 2020/Warmup/Baseball/baseball
Normal file
|
@ -0,0 +1 @@
|
|||
TzRaVUNVMlRNRTRIQTZMSFBGWkdTNVpTSzVZVU1ZSllIQk5ER00zREdKTkhBVTJWSkJHVkNWMllPRlVFSzMyRE9GTUVNMkNaR0Y1RU1VUlpNUlNHS1JSWE9CQ1VVU1pZSk4ySEFWVFVPVTJGQzJDV000WlUyUVNHSlpBVFNNUT0=
|
30
BsidesBOS CTF 2020/Warmup/EzBakeOven/ReadMe.md
Normal file
|
@ -0,0 +1,30 @@
|
|||
# BsidesCTF-EZ Bake Oven
|
||||
|
||||
This challenge was part of Warmup and it was difficult . I send like an hour to figure out what to do with it. Anyways
|
||||
|
||||
<img src="https://imgur.com/THjmYiF.png"/>
|
||||
|
||||
Now we see `Magic Cookies` is fishy here
|
||||
|
||||
|
||||
<img src="https://imgur.com/cDK7oFr.png"/>
|
||||
|
||||
But as you can see it's gonna take forever to timeout. So I looked at the dev tools
|
||||
|
||||
|
||||
<img src="https://imgur.com/TqViuIU.png"/>
|
||||
|
||||
Thought about modifying the cookie , You can see that it is base64 encoded text by looking at`=` on the end.
|
||||
|
||||
|
||||
<img src="https://imgur.com/EHyYsw6.png"/>
|
||||
|
||||
Modify the cookie by changing a date way back so timer ends.
|
||||
|
||||
|
||||
<img src="https://imgur.com/insw9jq.png"/>
|
||||
|
||||
Take the modified cookie's base64 encoded text and replace it with the cookie in the dev tools then refresh the page
|
||||
|
||||
<img src="https://imgur.com/GsVuDQd.png"/>
|
||||
|
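Review bot: The step "Modify the cookie by changing a date way back so timer ends" cannot be reproduced from the text, because the cookie's decoded contents and the field that was edited appear only in the imgur screenshots; add the decoded cookie and the edited value as text, and record the flag, which this README never states. One sentence on the root cause the steps demonstrate would also help: the page accepts a client-edited, base64-only cookie as the timer input, so the value carries no integrity protection. Typos: "I send like an hour" should be "I spent", and "difficult .", "cookie ," and "at`=`" have stray or missing spaces.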
19
BsidesBOS CTF 2020/Warmup/Kiddie Pool/ReadMe.md
Normal file
|
@ -0,0 +1,19 @@
|
|||
# BsidesCTF-Kiddie Pool
|
||||
|
||||
## Image Quick
|
||||
|
||||
Open the image with `image quick` on right side you will see the options
|
||||
|
||||
|
||||
https://imgur.com/KgksH6t.png
|
||||
|
||||
|
||||
https://imgur.com/pMTAsGm.png
|
||||
|
||||
|
||||
https://imgur.com/DqyMhw1.png
|
||||
|
||||
|
||||
And you'll get the flag
|
||||
|
||||
`flag {whirlpool_in_a_cinch}
|
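Review bot: The final line opens a code span with a backtick before `flag {whirlpool_in_a_cinch}` and never closes it, and the space in `flag {` is inconsistent with the `flag{...}` form used in the Mercury and Baseball write-ups in this commit; confirm the exact flag and close the backtick. The three imgur links are bare URLs where the sibling READMEs embed images with `<img>`, and the text does not say which of the options on the right side were changed, so the screenshots carry the whole solution.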
BIN
BsidesBOS CTF 2020/Warmup/Kiddie Pool/kiddie_pool.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 205 KiB |
65
BsidesBOS CTF 2020/Warmup/Play The Harp/ReadMe.md
Normal file
|
@ -0,0 +1,65 @@
|
|||
# BsidesCTF-Play The Harp
|
||||
|
||||
You are given a picture of harp
|
||||
|
||||
<imge src="https://imgur.com/1TOF0Yl.png"/>
|
||||
|
||||
Run the command `strings` on image file and pipe it to `less` as to navigate while you are looking at for some strings.
|
||||
|
||||
`strings harp.jpg | less`
|
||||
|
||||
|
||||
|
||||
|
||||
```
|
||||
HDNR6GFf
|
||||
6LLIJK9l
|
||||
18NL1HWa
|
||||
GCU85U5g
|
||||
RQ9CGTH{
|
||||
T47Y9SUt
|
||||
2SKZJOBh
|
||||
H06K09Ze
|
||||
3BWV54X_
|
||||
C1VY4EIh
|
||||
GO0DK9Ua
|
||||
ZZLVBMZr
|
||||
8CK8FTGp
|
||||
TNDQURH_
|
||||
CEHGS41i
|
||||
ONSNNRTn
|
||||
DYAKGQMs
|
||||
AX9CNZ7t
|
||||
CS5R3KQr
|
||||
U4A6BBVu
|
||||
F2RULTOm
|
||||
D2NLIUPe
|
||||
KYKGKGVn
|
||||
AN98O3Ht
|
||||
G9STPVD_
|
||||
ETGMLPCh
|
||||
TFUFSALa
|
||||
PK4CD5Ss
|
||||
6EDFJ45_
|
||||
CIOL1S0v
|
||||
VIJP3WFe
|
||||
OU3CPSBr
|
||||
O0F6WTWt
|
||||
NKIWW0Ri
|
||||
QPFWGVNc
|
||||
CJUPZL9a
|
||||
CEC4YQ8l
|
||||
YC23ZR6_
|
||||
DTUT5VJs
|
||||
113O5FVt
|
||||
VY2QV4Br
|
||||
C498PXFi
|
||||
NO6EMR1n
|
||||
ND8JBSNg
|
||||
OQJOHJUs
|
||||
8IOJ9LD}
|
||||
|
||||
```
|
||||
You will see this block of strings now looking at the extreme right side try to read it vertically you'll find the flag
|
||||
|
||||
`flag {the_harp_instrument_has_vertical_strings}
|
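Review bot: The `<imge src=...>` line near the top uses a misspelled tag, so the harp picture will not render; it should be `<img`. The closing flag line has an unclosed backtick and writes `flag {` with a space, while the last column of the listed strings reads `flag{` with no space. The vertical read can be shown as a command instead of left to the eye, for example by piping the block through `cut -c8 | tr -d '\n'`.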
BIN
BsidesBOS CTF 2020/Warmup/Play The Harp/harp.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 280 KiB |