Writeup by H1tch (www.h1tch.org)
Another nice CTF. This one was pretty laid back went for over a weeks time. Seemed to have a lot of Stego and crypto challenges pretty low on an type of reverse or forensics. Everything seems to have gone smoothly I didn’t notice any issues. Some members of Overflow Security were in and out of the challenges. Here are the write ups for the ones that I completed.
Put on your reading glasses (10 pts)
run strings on file. flag is on the bottom
strings Proxy.jpg M}EU]sF 1Z5;”A kjiFF 16bbee7466db38dad50701223d57ace8
What you see is what you get. (50 pts)
run strings the bottom shows us the program used and key to extract.
#strings stego_50.jpg :W9K QIK@ RP!h usethisUT steghide.sourceforge.net/download.phpPK usethisUT Delta_Force\m/ steghide –extract -sf stego_50.jpg Enter passphrase: wrote extracted data to “key_stego_1″. root@kali:~/CTF/pragyan/stego/what-you-see-is-what-you-get# ls key_stego_1 stegcrack.pl stego_50.jpg root@kali:~/CTF/pragyan/stego/what-you-see-is-what-you-get# cat key_stego_1 Congrats! This was way too wasy ￼ This is the key: PrAgyaNCTF_sTeg1_key
One more headache (20 pts)
This is a PRGYAN event text file called substitution given with the following text
PRGYAN is the key
used an online decoder
entered key: prgyanpr cipher text: dhkuagsn solution: ilovectf
Access Code (30pts)
Find the access code
a PDF is shown
RIP JPEG from PDF ( can right click and save it)
this is the JPEG
Did a google image search via drag and drop image into search box and find the artist name is Sascha Herm
The PDF said KEYED painter so go to online keyword cipher decoder
use KEY: saschahermsasch with Cipher Text: heitsctrnpsmysk and get the flag: deltactfpragyan
Totally abstruse (30 pts)
no point guessing
was given an image.
A goggle image search on this images brought up the Piet programming language.
found an online interpreter at
execute the image/code.
Hi, Welcome to npiet online ! Info: upload status: Ok Info: found picture width=115 height=115 and codel size=5 Uploaded picture (shown with a small border): world.png Info: executing: npiet -e 1000000 world.png Hello, world! Flag: Hello, world!