CTF collection Vol.1
1. What does the base said?
BY the given encoded, we know that this is BASE 64 VEhNe2p1NTdfZDNjMGQzXzdoM19iNDUzfQ==
So, heat up our "oven" CyberChef
Flag: THM{ju57_d3c0d3_7h3_b453}
2. Meta Meta
This is the given picture. (Find Me.jpg)
Hint is in the title itself. Meta = Metadata. Usually I will use exiftool in linux. But, today i want to share new online tools for exiftool.
Flag: THM{3x1f_0r_3x17}
3. Mon, are we going to be okay
This is the picture that they give.
Well, just try online stega tools.
Flag: THM{500n3r_0r_l473r_17_15_0ur_7urn}
4. Erm......Magick
This was like free flag. i didn't mean to get this one. Lucky I found it.
Flag: THM{wh173_fl46}
5. QRrrrr
They give QR Code. So, just find QR Code Decode
Flag: THM{qr_m4k3_l1f3_345y}
6. Reverse it or read it?
I try to run this file.
./hello.hello
But I didn't get anything. Just a simple hello. So. I try to read this file by run this command
strings hello.hello
Flag: THM{345y_f1nd_345y_60}
7. Another decoding stuff
I try Magic in CyberChef 3agrSy1CewF9v8ukcSkPSYm3oKUoByUpKG4L
It's Base 58.
Flag: THM{17_h45_l3553r_l3773r5}
8. Left or right
MAF{atbe_max_vtxltk}
"Rot 13 is too mainstream" but we sure that this is Rot something. So, using cyberchef, rot until found the flag. It is Rot 33.
Flag: THM{hail_the_caesar}
9. Make a comment
We have no source for this challenge. Why don't we check "Inspect".
Flag: THM{4lw4y5_ch3ck_7h3_c0m3mn7}
10. Can you fix it?
He said he messed up with this PNG file. So, we open up HxD/hexeditor to check the header/footer of this file.
Yaa, he messed it up. As we can see, wrong header.
Search List of signatures
This is a signature header for PNG file.
Change and save it.
Flag: THM{y35_w3_c4n}
11. Read it
Find all possible tryhackme account until it lead too tryhackme reddit account where the flag is.
Flag: THM{50c14l_4cc0un7_15_p4r7_0f_051n7}
12. Spin my head
++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>++++++++++++++.------------.+++++.>+++++++++++++++++++++++.<<++++++++++++++++++.>>-------------------.---------.++++++++++++++.++++++++++++.<++++++++++++++++++.+++++++++.<+++.+.>----.>++++.
This is Brain Fuck
Find Online tools.
Flag: THM{0h_my_h34d}
13. An exclusive!
S1: 44585d6b2368737c65252166234f20626d S2: 1010101010101010101010101010101010
By using CyberChef, we try Hex then XOR.
Flag: THM{3xclu51v3_0r}
14. Binary Walk
So, fire up our kali to Binwalk this file
binwalk -e hell.jpg
Flag: THM{y0u_w4lk_m3_0u7}
15. Darkness
"Lurking in the dark" it sounds like a hint. I try using Stegsolve
Flag: THM{7h3r3_15_h0p3_1n_7h3_d4rkn355}
16. A sounding QR
Well, just try QR Decode online tools. ZXing Decoder Online
We get link after decode. https://soundcloud.com/user-86667759/thm-ctf-vol1
Flag: THM{SOUNDINGQR}
17. Dig up the past
I go to the link. https://www.embeddedhacker.com/
But, unfortunately! We don’t get anything for the given date. https://www.embeddedhacker.com/2020/01/hacking-walkthrough-ctflearn-crypto-medium/
Well, I need hint.
Erm, Wayback Machine. Okay, Mr Google. I need your help.
Put in our link that was given from the challenge.
Find January 2, 2020 from the calendar.
Click on 13:12:52. Scroll until found our flag.
Flag: THM{ch3ck_th3_h4ckb4ck}
18. Uncrackable!
MYKAHODTQ{RVG_YVGGK_FAL_WXF} . Well, seems like vigenere without a key to me.
Flag: TRYHACKME{YOU_FOUND_THE_KEY}
19. Small Bases
581695969015253365094191591547859387620042736036246486373595515576333693
First, I decode Decimal-Hex
Then, Hex-Ascii
Flag: THM{17_ju57_4n_0rd1n4ry_b4535}
20. Read the packet
Open up pcap file using Wireshark
Then, File - Export object - HTTP
Click on flag.txt – Save
Flag: THM{d0_n07_574lk_m3}
DONE!!
Thank you for reading my writeup.
By AdaniKamal
Last updated