Embedded Security CTF 2022

Crypto

Crypto Training Caesar

Caesar's ghost is communicating with us using an Ouija Board. He is skeptical about sending his message in plaintext since it can be understood by anyone. He therefore, sent the following ciphertext, "laabiybal".

Find and submit the decrypted ciphertext.

As the challenge is around caesar cipher it was simple regular Ceaser cipher decode, with 7 rounds'

laabiybal +7 -> ettubrute

Crypto Training Caesar II

When Caesar's ghost learnt about the limitations of the previous scheme, he started using a more complex encryption scheme to encrypt his messages. We recovered the following ciphertext from the Ouija board while talking to him,

"lozgcvsufhmrkltfyweljgujwpaimwmzvrnkwleqlbhazchvuovayzaayhbhclpgbugbuhipsrvhbheljgujwsfcefgvc"

Can you decrypt the ciphertext and submit the key.

Since it's more advanced encryption than caeser it should be a mono-alphabetic substitution or vigenere cipher which uses the key to decode and the flag is key. So Bruteforcing will give you a flag

Crypto Training Caesar III

After reading a book on public key cryptography, Caesar's ghost gave up on symmetric key cryptography, and is now using RSA to encrypt his messages.

Can you find and submit the plaintext message by breaking the so called "secure" RSA. His public key, and encrypted messages is attached here.

It's a simple Rsa challenge where N could be factorized into P and Q, then finding the private key for solving it. Otherwise, tools like RsaCtfTool, and RSHack will help to solve the challenge.

python3 RsaCtfTool.py  -n 87736238215022187719363025816367769706351526781640850984743120807726780980894380919776506770933719560168286280308900027529202574194276663926740141102778791180570187628200826094979104483589628359770519608598664074565042733750531423389296712328340611297463171173111207461293212916002297653127123475074237285541 -e 65537 --uncipher 39853124458955296772051066437419419876746152111057725065326101504208203631099848705581615254283134526336264930714039344449333945535796489259589101768635550327761541172724471658386526793776874346570701694392249746562525714186599483368129731222226981148479500452511596786229944945994826126146890253932250514880

Forensics

Casper Tries Forensics

Casper entered a Halloween party and is greeted with a famous track playing in loop. Although he doesn't remember the song, he still finds it a bit awkward.

Can you help Casper to dig deeper into the track.

Find and submit the hidden code in the track.

As usual, it's a common challenge type that could be found in most of the CTF, hiding flags in the spectrogram.

Casper Tries Forensics II

Casper bumped into a super secret WiFi network in the Halloween Party. He managed to collect the network traces of the super secret WiFi.

Can you help Casper to find the password for this WiFi. Submit the password.

This is an interesting challenge, where you have to crack wifi password. Using aircrack-ng with rockyou will give you a flag.

Misc

Feedback

Feel free to provide feedback regarding the CTF at https://forms.gle/gVaJa1eggpfKR5Zk7.

Pretty simple fill out the form and get a flag

Welcome to Halloween

Join the Discord server : https://discord.gg/X8NZTNSP . Feel free to drop any platform related queries or clarification about the challenges.

Join the server, the flag is in the general flag description.

Trick or Treat

Its Trick or Treat time. Your neighbor, a man of few words wrote a simple implementation of echo command in Linux that takes an input from the visitors and displays it back to them. (Limited to 4 characters)

The code however also contains a secret value. Can you figure out a trick to make the code display the secret value.

Here's your neighbors address

 nc 0.cloud.chals.io 13060

It was a good challenge based on the bash function referring through address to bypass. Since its echo command implement you can jump to any address using %X$s where X is the address reference.

nc 0.cloud.chals.io 13060                                                    
%7$s
esCTF{4_51mpl3_fl48}

Reversing

Reversing Riddler's Riddles

You stopped at Riddler's house for collecting candies. He implemented a password checker which would only allow you in if you guess the password set by him.

His password checker takes in an input, the password from the visitor and verifies it against a stored password. Can you find and submit the password?

You can find Riddler's binary here.

Through the strings tool we get 10 different types of flags, which also it has Good Job! and Try Harder!. So Out of these flags one should be correct but CTF was implemented with ratelimited in flag submission so you can't directly submit but bruteforcing this binary will give you correct flag.

data = """esCTF{u_4r3_ri8h7}
esCTF{y0u_are_ri8}
esCTF{you_ar3_ri8}
esCTF{u_are_ri8ht}
esCTF{u_are_right}
esCTF{y0u_ar3_ri8}
esCTF{y0u_are_r18}
esCTF{y0u_4re_r18}
esCTF{y0u_4r3_ri8}
esCTF{y0u_4r3_r18}
esCTF{u_4re_right}"""
data = data.split("\n")
import os
for i in data:
    print(i)
    os.system(f"./challenge2 {i}")

Reversing Riddler's Riddles II

You successfully broke into Riddler's house, you see a super secret vault. This looks like a vault which would contain something quite valuable and would only open with the correct password. You can find the binary of vault here.

Find and submit the password capable of opening this super secret vault.

This challenge consists of exe which was compiled from python, you can use uncompyle6 or decompyle3 to get the source of the exe to find out the extract logic implemented to get the password which is the flag.

data = {
"32":"int('1I', 34)",
"47":"int('225', 7)",
"34":"int('6B', 14)",
"46":"int('66', 7)",
"36":"int('1220', 3)",
"44":"int('3B', 28)",
"15":"int('2D', 19)",
"5":"int('6F', 17)",
"9":"int('1011111', 2)",
"51":"int('41', 12)",
"24":"int('49', 11)",
"3":"int('235', 6)",
"10":"int('1M', 31)",
"31":"int('1220', 4)",
"2":"int('51', 10)",
"52":"int('302', 6)",
"38":"int('41', 29)",
"13":"int('140', 9)",
"37":"int('63', 16)",
"1":"int('1220', 4)",
"25":"int('1133', 4)",
"49":"int('43', 13)",
"17":"int('A8', 11)",
"45":"int('5G', 21)",
"22":"int('87', 11)",
"8":"int('3F', 33)",
"7":"int('30', 17)",
"18":"int('2E', 19)",
"6":"int('3G', 32)",
"40":"int('1L', 30)",
"33":"int('106', 7)",
"14":"int('39', 35)",
"30":"int('2B', 22)",
"19":"int('1311', 4)",
"12":"int('2R', 36)",
"21":"int('31', 18)",
"0":"int('3Q', 30)",
"39":"int('424', 5)",
"43":"int('49', 11)",
"11":"int('303', 4)",
"53":"int('47', 25)",
"41":"int('5A', 17)",
"27":"int('60', 8)",
"29":"int('340', 5)",
"4":"int('29', 22)",
"23":"int('31', 16)",
"48":"int('137', 8)",
"42":"int('44', 12)",
"28":"int('1Q', 29)",
"26":"int('3Q', 28)",
"35":"int('49', 11)",
"16":"int('2R', 34)",
"50":"int('32', 34)",
"20":"int('40', 27)"
}

password = [""]*54
for k,v in data.items():
	exec(f"password[{int(k)}]=chr({v})")
	#print(exec(v))

print("".join(password))

Web

Jonathan and the Count

Jonathan Harker has found a website hosted by the infamous Count Dracula. The system admin logged in the last time at 12:08:45. Help Jonathan find what the Count is hiding in his website!

https://embeddedsecurityctf2022-csrf.chals.io/

Its simple webapp with login page, admin:admin logs you in but it says Welcome Count! You did not give the correct Token! And you can find a base64 encrypted Token in login page.

But decoding and manipulating the value didn't give a way to flag which ended up as a rabbit role. Then found that the backend was a python server which was enabled with debugger mode to get the flag.