search

CTF collection Vol.1

hashtag
1. What does the base said?

image

BY the given encoded, we know that this is BASE 64 VEhNe2p1NTdfZDNjMGQzXzdoM19iNDUzfQ==

So, heat up our "oven" CyberChefarrow-up-right

image

Flag: THM{ju57_d3c0d3_7h3_b453}

hashtag
2. Meta Meta

image

This is the given picture. (Find Me.jpg)

Findme

Hint is in the title itself. Meta = Metadata. Usually I will use exiftool in linux. But, today i want to share new online tools for exiftool.

metapiczarrow-up-right

image

Flag: THM{3x1f_0r_3x17}

hashtag
3. Mon, are we going to be okay

image

This is the picture that they give.

Extinction

Well, just try online stega tools.

Steganographic Decoderarrow-up-right

image

Flag: THM{500n3r_0r_l473r_17_15_0ur_7urn}

hashtag
4. Erm......Magick

image

This was like free flag. i didn't mean to get this one. Lucky I found it.

image

Flag: THM{wh173_fl46}

hashtag
5. QRrrrr

image

They give QR Code. So, just find QR Code Decode

ZXing Decoder Onlinearrow-up-right

image

Flag: THM{qr_m4k3_l1f3_345y}

hashtag
6. Reverse it or read it?

image

I try to run this file.

image

But I didn't get anything. Just a simple hello. So. I try to read this file by run this command

image

Flag: THM{345y_f1nd_345y_60}

hashtag
7. Another decoding stuff

image

I try Magic in CyberChef 3agrSy1CewF9v8ukcSkPSYm3oKUoByUpKG4L

It's Base 58.

CyberChefarrow-up-right

image

Flag: THM{17_h45_l3553r_l3773r5}

hashtag
8. Left or right

image

MAF{atbe_max_vtxltk}

"Rot 13 is too mainstream" but we sure that this is Rot something. So, using cyberchef, rot until found the flag. It is Rot 33.

CyberChefarrow-up-right

image

Flag: THM{hail_the_caesar}

hashtag
9. Make a comment

image

We have no source for this challenge. Why don't we check "Inspect".

image

Flag: THM{4lw4y5_ch3ck_7h3_c0m3mn7}

hashtag
10. Can you fix it?

image

He said he messed up with this PNG file. So, we open up HxD/hexeditor to check the header/footer of this file.

image

Yaa, he messed it up. As we can see, wrong header.

Search List of signaturesarrow-up-right

This is a signature header for PNG file.

image

Change and save it.

image
repair

Flag: THM{y35_w3_c4n}

hashtag
11. Read it

image

Find all possible tryhackme account until it lead too tryhackme reddit account where the flag is.

tryhackme - redditarrow-up-right

image

Flag: THM{50c14l_4cc0un7_15_p4r7_0f_051n7}

hashtag
12. Spin my head

image

++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>++++++++++++++.------------.+++++.>+++++++++++++++++++++++.<<++++++++++++++++++.>>-------------------.---------.++++++++++++++.++++++++++++.<++++++++++++++++++.+++++++++.<+++.+.>----.>++++.

This is Brain Fuckarrow-up-right

Find Online tools.

Brainfuckarrow-up-right

image

Flag: THM{0h_my_h34d}

hashtag
13. An exclusive!

image

S1: 44585d6b2368737c65252166234f20626d S2: 1010101010101010101010101010101010

By using CyberChefarrow-up-right, we try Hex then XOR.

image

Flag: THM{3xclu51v3_0r}

hashtag
14. Binary Walk

image

So, fire up our kali to Binwalk this file

image
image

Flag: THM{y0u_w4lk_m3_0u7}

hashtag
15. Darkness

image

"Lurking in the dark" it sounds like a hint. I try using Stegsolve

image

Flag: THM{7h3r3_15_h0p3_1n_7h3_d4rkn355}

hashtag
16. A sounding QR

image

Well, just try QR Decode online tools. ZXing Decoder Onlinearrow-up-right

image

We get link after decode. https://soundcloud.com/user-86667759/thm-ctf-vol1

image

Flag: THM{SOUNDINGQR}

hashtag
17. Dig up the past

image

I go to the link. https://www.embeddedhacker.com/

But, unfortunately! We don’t get anything for the given date. https://www.embeddedhacker.com/2020/01/hacking-walkthrough-ctflearn-crypto-medium/

Well, I need hint.

image

Erm, Wayback Machine. Okay, Mr Google. I need your help.

Wayback Machinearrow-up-right

Put in our link that was given from the challenge.

image

Find January 2, 2020 from the calendar.

image

Click on 13:12:52arrow-up-right. Scroll until found our flag.

image

Flag: THM{ch3ck_th3_h4ckb4ck}

hashtag
18. Uncrackable!

image

MYKAHODTQ{RVG_YVGGK_FAL_WXF} . Well, seems like vigenere without a key to me.

Vigenere Solverarrow-up-right

image

Flag: TRYHACKME{YOU_FOUND_THE_KEY}

hashtag
19. Small Bases

image

581695969015253365094191591547859387620042736036246486373595515576333693

First, I decode Decimal-Hexarrow-up-right

image

Then, Hex-Asciiarrow-up-right

image

Flag: THM{17_ju57_4n_0rd1n4ry_b4535}

hashtag
20. Read the packet

image

Open up pcap file using Wireshark

Then, File - Export object - HTTP

image

Click on flag.txt – Save

image

Flag: THM{d0_n07_574lk_m3}

DONE!!

Thank you for reading my writeup.

By AdaniKamal

PreviousCC-StegoNextCrack The Hash

Last updated