Egypt Universities CTF 2019

Ahmed Moustafa
Dec 24, 2019

Hello and welcome. This is a quick write-up for some challenges from Egypt Universities CTF 2019, organized by CyberTalents.

It was an awesome competition, and all teams had high spirits and great performance.

Digital Forensics Category

1 — pekz (Easy — 50 points)

In this one we had a pcap (packet capture) file. Inside it there are some HTTP requests and a TCP stream.

First of all, let's do some recon to determine what we actually have in this file.

strings: shows all printable characters in this file.

grep: prints lines that match a given pattern, with -i to ignore case.

$ strings pekz.pcap | grep -i "flag"

Alright, we can make a simple Bash script to get the flag:

#!/usr/bin/env bash
# Keep the strings that contain flag{...} and print the text between the first pair of double quotes
strings pekz.pcap | grep -i "flag{.*}" | cut -d "\"" -f 2

FLAG{0h_dump_is_ez_recover_is_eazi3r!!}

2 — Keep Calm (Medium — 100 Points)

In this challenge we had this GIF file:

scatter.gif

First of all, we need to slow down this GIF to see what we have. You can use this website to change the speed, or simply use convert on Linux to convert the GIF to PDF or even PNG:

$ convert scatter.gif scatter.pdf # convert to PDF
$ convert -verbose -coalesce scatter.gif scatter.png # convert to PNG

Or use gif2png to convert each frame of the GIF to PNG:

$ gif2png scatter.gif

Now we have these chars:

arr = ["zND", "zg5", "MTI", "U2N", "MAo="]

It looks like base64. Let's try to decode it, but we get nothing useful because it isn't in the right order.

HUMMM, I think that we need to write a simple script to print out all possible permutations of this array.

We have 5 elements, so we will print 5! = 120 possible flags, but we can decrease this number.

I see that MAo= should be the last part of the base64-encoded string.

Now we have 4! = 24 possible flags. Let's start writing our script.

After running this script I found unreadable output, but two of them caught my attention: the first and the last one.

Probably one of them is the correct flag. Let's try to submit it!

LOL, the correct one is: 1234567890

Another short and handy one using itertools in Python.
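An added example of the permutation approach described above (not the author's original script; the function names are assumptions made here). It pins the "="-padded chunk to the end, tries the 4! orderings of the rest, and goes one step beyond the write-up by keeping only candidates that decode to printable ASCII:

```python
import base64
import binascii
import itertools
import string

# Chunks read from the GIF frames, exactly as listed in the write-up.
CHUNKS = ["zND", "zg5", "MTI", "U2N", "MAo="]

# Byte values we accept in a plausible flag (letters, digits, punctuation, whitespace).
PRINTABLE = set(string.printable.encode())


def split_tail(chunks):
    """Separate the chunk carrying '=' padding: padding can only end a base64 string."""
    padded = [i for i, c in enumerate(chunks) if c.endswith("=")]
    if len(padded) != 1:
        raise ValueError("expected exactly one padded chunk")
    tail = chunks[padded[0]]
    head = chunks[:padded[0]] + chunks[padded[0] + 1:]
    return head, tail


def candidates(chunks):
    """Yield (encoded, decoded_bytes) for every ordering with the padded chunk last."""
    head, tail = split_tail(chunks)
    for order in itertools.permutations(head):
        encoded = "".join(order) + tail
        try:
            decoded = base64.b64decode(encoded, validate=True)
        except binascii.Error:
            continue  # ordering is not valid base64, skip it
        yield encoded, decoded


def readable(chunks):
    """Keep only the orderings whose decoded bytes are all printable ASCII."""
    return [
        (encoded, decoded.decode("ascii").strip())
        for encoded, decoded in candidates(chunks)
        if decoded and all(b in PRINTABLE for b in decoded)
    ]


if __name__ == "__main__":
    for encoded, text in readable(CHUNKS):
        print(encoded, "->", text)
```

With the chunks above, the filter leaves a single ordering, so there is nothing to pick out by eye.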

Reverse Engineering Category

1 — login (Easy — 50 Points)

In this challenge we have a file. Let's use the file command to determine its type.

Well, it's an ELF executable. Let's try to execute it.

But it requires two parameters: a username and a password.

Let's try any random username and password to see what happens!

Wrong username and password

HUMM, I expect that there is a function to compare the input with the correct username and password.

Let's try ltrace, which traces library function calls like printf() or strcmp().

As expected, it compares the input with the username. So far I can see that the correct username is cybertalent.

Repeating with the correct username:

We can see that the password is P@ss, and the flag is: flag{cybertalent:P@ss}

Or simply use strings, and by guessing you will see the flag!

Cryptography Category

1 — Irving Secret (Medium — 100 Points)

We have a pcap file, so let's open it with Wireshark.

Literally, we didn't know what we had to do, so we needed a HINT!

“These packets are a stream of a JPEG image, but it was shifted by ROT13”

The hint is clear.

Alright, we will take this stream and decrypt it using ROT13.

Then we need to convert this raw stream to a JPEG image.

After a little bit of searching I found this website to do what we need.

Then I downloaded the image.

Yeah, it works well ^_^

And the flag is the md5sum of this image.

flag{0eed48c187f783159a6ab6dba559d458}

Or you can use xxd; you will get the same result:

$ xxd -r -p stream file.jpg

The funny part is we couldn't solve it during the competition, because when I converted this raw stream to JPEG it didn't work as I expected.
It looks like I made a mistake, but anyway it has been solved :D

Web Security Category

You can find an awesome write-up for the web challenges here by Moustafa Anwar.

Thanks for reading