CyberTalnets Quals National CTF 2020
Hi People :D
This is My Write up For Cyber Talents Quals Round 2020, so let's get started
At first, Thanks to Omakmoh for helping me solve these challenges
General Information Category
Dangerous Office (Basic— 25 Points)
As you can see, you can search in google with the keyword “Viruses infect applications such as Microsoft Word or Excel” from the first article you will see the answer... it’s “macro virus”
Answer: macro
Web Security Category
1- Pr0mo (Easy — 50 Points)
Challenge URL:
http://ec2-18-156-199-115.eu-central-1.compute.amazonaws.com/promo/
I tried to brute-force directories, But I didn't find anything. then I tried to intercept a request with Burp-Suite and I found a JWT token in cookie header
So, let’s decode this token with jwt.io
it’s HS256 Algorithm, I used JWT-Cracker to get the secret key
go back to jwt.io again and add the secret key and change user to admin
intercept the request again and send it to repeater, Change the Token and you’ll see the Brain-Fu*k encoded string
go to This website to decode the string
Flag: FLAG{JWT_I_Lik3_iT}
2- Red Alert 2.0 (Easy — 50 Points)
Challenge URL: http://ec2-18-156-199-115.eu-central-1.compute.amazonaws.com/redalert/
I found this input and as the name of the challenge I tried to fire an XSS Alert Payload ( You can find good payloads Here ).
This payload worked for me : (“<noscript onkeyup=”alert(1337)” contenteditable>1337</noscript>”)
Fire this payload and simply you got the flag :D
Flag: FLAG{Go0Gl3_XSs_XD}
3- Mystery (Medium — 100 Point)
Challenge URL: http://ec2-18-156-199-115.eu-central-1.compute.amazonaws.com/mystery/
After opening the source code, I found this MD5 hash strings
Decode it, you got these values ( 66, 1, 5 ).
so, trying to brute-force numbers after encoding it with MD5 ( You can make a simple script to handle this process )
After trying some numbers, I found the correct one.
It was 43 with a hash value “17e62166fc8586dfa4d1bc0e1742c08b”
Open the file, you’ll see a plaintext flag
Flag: flag{MD5-N0T-1337}
Digital Forensics Category
1- Images3c (Easy — 50 Points)
Challenge File URL: https://hubchallenges.s3-eu-west-1.amazonaws.com/Forensics/cyber.zip
After unzipping the file, you’ll see this image
I tried to use steghide to extract any hidden files, but the file protected with a password. so, let’s try to crack the password.
I used the Steghide-crack tool
Let’s run the script with rockyou wordlist and let the script guess the password
after a minute the tool success find the password
open output.txt
We found the flag :)
Flag: flag{cyb3rs3cisaw3s0me}
2- Malicious File (Medium — 100 Points)
Challenge File URL: https://hubchallenges.s3-eu-west-1.amazonaws.com/Forensics/UsrClass.dat
After opening the file in Autopsy, go to Shell Bags the target file is there
Then, search for this file ( Windows Loader v2.2.2 ) with Keyword Search in the top right corner
As the above image, The MFT entry is 17120 … The challenge want MD5 for this entry, so I use This website to generate a hash
Flag: d72eecc6b164864790fe25f2bd64a8ab
Cryptography Category
Queen (Medium— 100 Point)
Challenge File URL: https://hubchallenges.s3-eu-west-1.amazonaws.com/Crypto/queen.zip
unzip the file, you get a 4 text file that seems to be an image
I used a XORtool to brute-force the key and get image from each file
After this, you can find the image in xortool_out directory
hmmm, it seems to be a Mary Stuart Code encrypted
repeat this process to 4 files and enter the code from file1 to file4 in This Website to decode it
Flag: DONTTRUSTANYQUEEN
finally, Thank you for reading this writeup :D
