Contents
#4 ER
Uhg uevn “dqsxpivacb yleqsy” kt uwfe vt nndmcawj e ncsrcuizf hgswe tlat lsglweeu b bvpbf xjlegtirs sf (ppt pfcittcwnly veldyid) csgwnerut htw thi exlxxepde qg gvbof htnstirdhmeu.[1] Uhg uevn ju kweqyenwqc uufd dz sgipnfws ard iq uspwmat dupuvtj yo ihenwnjy ufctft qjmkyfry, fannnrg, qs pqmixjdcq fctmonv fmmge av “ttibmksl” poaer, ptrea, pr hseiepo, kwom “xhe sjspnf”.[ckuaxjpp sjedid]
<....>
jpxyitytirsw, au seeprhfe ks, kor ixapupe, udhqmavmz fthumintv tv mcjnuuribn ojiia veprwxs, tbtjfr xibp xjcritiyj gocmivjort ph nsdizidxfps.[14]
#yjkkqehjb
Solution
Text encoded using Vigenere cipher (identified by trial and error).
Grab CrypTool v1, Analysis – Symmetric classic – Ciphertext-only – Vigenere
The flag is encryption key: BACBAEBBCFFAAEAADFEAC
#5 Change
Txc Azr Adlr txcqhv zj txc ihcydznzlr fqjgqnqrzfdn gqbcn txdt cpindzlj txc cdhnv bcycnqigclt qe txc Klzychjc.[1] Dffqhbzlr tq txc Azr Adlr txcqhv, txc Klzychjc udj qlfc zl dl cpthcgcnv xqt dlb bcljc jtdtc uxzfx cpidlbcb hdizbnv. Txzj hdizb cpidljzql fdkjcb txc vqklr Klzychjc tq fqqn dlb hcjkntcb zl ztj ihcjclt fqltzlkqkjnv cpidlbzlr jtdtc. Dffqhbzlr tq txc gqjt hcfclt gcdjkhcgcltj dlb qajchydtzqlj, txzj qhzrzldn jtdtc cpzjtcb diihqpzgdtcnv 13.7 aznnzql vcdhj drq,[2][3] uxzfx zj
<....>
adfmrhqklb hdbzdtzql zl 1964, dlb cjicfzdnnv uxcl ztj jicfthkg (z.c., txc dgqklt qe hdbzdtzql gcdjkhcb dt cdfx udycnclrtx) udj eqklb tq gdtfx txdt qe txchgdn hdbzdtzql ehqg d andfm aqbv, gqjt jfzcltzjtj uchc edzhnv fqlyzlfcb av txc cyzbclfc txdt jqgc ychjzql qe txc Azr Adlr jfcldhzq gkjt xdyc qffkhhcb. — uzmzicbzd
Solution
Text encoded using Simple substitution cipher.
Grab the same CrypTool v1, Analysis – Symmetric classic – Ciphertext-only – Substitution
The flag is encryption key: DAFBCERXZWMNGLQIOHJTKYUPVS
#6 Call me
6-666-22-444-555-33-444-7777-222-666-666-555-7777-88-22-6-444-8-8-44-444-7777-333-666-777-7777-666-6-33-7-666-444-66-8-7777
Solution
Cellphone keypad cipher :-)
Grab a cellphone keypad and write a text pressing the numbers in the sequence.
The flag: MOBILEISCOOLSUBMITTHISFORSOMEPOINTS
#14 Seek me
Can you Find me ? :)
Solution
Yes we can, bruteforce ?id= parameter on taskboard until you get to 1338.
The error message on that page is not just an error message :)
<p id="errormsg"><font color="red"><script>var s=String.fromCharCode(73, 115, 84, 104, 105, 83, 82, 101, 97, 76, 76, 121, 72, 73, 68, 68, 69, 78);</script>Challenge Doesn't Exist</font></p> |
Decode 73, 115, 84, 104, 105, 83, 82, 101, 97, 76, 76, 121, 72, 73, 68, 68, 69, 78 from decimal, get flag: IsThiSReaLLyHIDDEN
#15 Embedded docs
those are some files we could reach ,
but we couldn’t get what are they about
try to get what you can do !
http://ctf.forbiddenbits.net/Secrets.zip
001
0011000000110010001101010011000100110110001110000110000100110101001100110011010100110111011001100011100101100101001100000110000101100100001101110110011001100011001101110011001000110110011001100110011001100001001100100011011100111001001101000011010100110100
Decode from binary, get flag: 025168a5357f9e0ad7fc726ffa279454
002
YmM1OTJkOGI5YjhmYzRkODQ4NTU3NDI4NDU2ZWIzYWM=
Unbase64, get flag: bc592d8b9b8fc4d848557428456eb3ac
003
102:98:48:100:53:102:50:101:57:101:102:97:99:100:97:56:55:54:50:56:49:56:98:52:48:101:101:98:57:50:56:57
Decode from decimal, get flag: fb0d5f2e9efacda8762818b40eeb9289
004
ST_nIoPemoSroFTI_TImbuS-G4lF_3hT_zI_Siht
Flip the string, get flag: thiS_Iz_Th3_Fl4G-SubmIT_ITForSomePoIn_TS
005
So0%2000%2000%2000%20TT%20
Urldecode, get flag: ‘So0 00 00 00 TT ‘ (mind the trailing space)
006
41:4e:4f:54:48:45:52:46:4c:41:47:59:45:53:49:4b:4e:4f:57:49:54:
Decode from hex, get flag: ANOTHERFLAGYESIKNOWIT
007
PNALBHFRRZRVTHRFFLBHQB
Rot13, get flag: CANYOUSEEMEIGUESSYOUDO
008
A rarjpeg (actually, ‘zipjpeg’). Carve zip file from end, bruteforce encryption password ‘pass‘, get flag: 8727a6fd1df003d9870654c16d02d39c
009
BMP. Open with your favorite image editor (MS Paint), do a fill, read the flag: JE5POIBB7KOUB54
010
<script language=JavaScript> var t1=0; var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ12345679"; var pass = "i forgot my pass"; var kk=1; for (i=0;i<pass.length;++i) { t1+=(pass.charCodeAt(i)*kk)+(chars.substring(kk,kk+1).charCodeAt(0)); ++kk; } (t1+'' == '8829') ? alert("submit this for some points"):alert( "not yet" ); </script> |
+ HINT on data format: <AlpHaNiX> for JS10 format is ***_****_****** |
HTML with JavaScript, implementing some poor hashing algorithm.
Calculate any valid flag (vos_CPHO_313337), give it to orgs to get a real challenge flag: CAA_AAAA_AAATZ
011
A win32 exe, written in Visual Basic. Use strings, get flag: Th1SiSmYp455w0rD
F:\Secrets>strings 011.exe .... Th1SiSmYp455w0rD .... |
012
HAI CAN HAS STDIO? I HAS A VAR GIMMEH VAR BTW I LUV EDOCLOL IZ VAR EQUAL "IHAZZOMVAR"? YARLY VISIBLE "GUD" NOWAI VISIBLE "SUX" KTHX KTHXBYE |
LOLCODE. Smoke some specs, get flag: IHAZZOMVAR
013
Whitespace. Interpret, get flag (numbers are actually printed one by line): 12345678910
014
Ingredients. 105 beer 102 mushrooms 72 cheese 85 jelly 74 tacos 69 beans Method. Put mushrooms into the mixing bowl. Put beer mustard into the mixing bowl. Put cheese mustard into the mixing bowl. Put tacos mustard into the mixing bowl. Put beans mustard into the mixing bowl. Put jelly mustard into the mixing bowl. Put cheese mustard into the mixing bowl. Liquefy contents of the mixing bowl. Pour contents of the mixing bowl into the baking dish. Serves 1. |
Chef. Interpret, get flag: fiHJEUH
015
++++++++[>+>++>+++>++++>+++++>++++++>+++++++>++++++++>+++++++++>++++++++++>+++++++++++>++++++++++++>+++++++++++++>++++++++++++++>+++++++++++++++>++++++++++++++++<<<<<<<<<<<<<<<<-]>>>>>>>>>>>>>--.++<<<<<<<<<<<<<>>>>>>.<<<<<<>>>>>>+++.---<<<<<<>>>>>>.<<<<<<>>>>>>>>>>>>+.-<<<<<<<<<<<<>>>>>>>>>>>>>---.+++<<<<<<<<<<<<<>>>>>>>.<<<<<<<>>>>>>>>>>>>+++.---<<<<<<<<<<<<>>>>>>>>>>>>>----.++++<<<<<<<<<<<<<>>>>>>.<<<<<<>>>>>>>>>>>>>---.+++<<<<<<<<<<<<<>>>>>>++.--<<<<<<>>>>>>>+.-<<<<<<<>>>>>>+++.---<<<<<<>>>>>>>>>>>>>--.++<<<<<<<<<<<<<>>>>>>>>>>>>+++.---<<<<<<<<<<<<>>>>>>+++.---<<<<<<>>>>>>+++.---<<<<<<>>>>>>++.--<<<<<<>>>>>>++.--<<<<<<>>>>>>>+.-<<<<<<<>>>>>>.<<<<<<>>>>>>>>>>>>+++.---<<<<<<<<<<<<>>>>>>>-.+<<<<<<<>>>>>>>>>>>>>--.++<<<<<<<<<<<<<>>>>>>>>>>>>>---.+++<<<<<<<<<<<<<>>>>>>>---.+++<<<<<<<>>>>>>>>>>>>>--.++<<<<<<<<<<<<<>>>>>>>+.-<<<<<<<>>>>>>>>>>>>+++.---<<<<<<<<<<<<>>>>>>>.<<<<<<<>>>>>>>>>>>>+++.---<<<<<<<<<<<<. |
Brainfuck. Interpret, get flag: f030ae8cd0e293fc332290c7fe5f9c8c
016
A password-protected rar. Strangely, the flag can be seen in RAR comment, though it isn’t plain-text in the file.
If anyone knows why it’s like this, please leave a comment! :)
Flag: iojGRU84HXBYY3R6T
017
APL. Interpret using NARS2000, get flag: 42746658902357111317192329313741434753596167717379838997
(again numbers need to be written one after another)
8 comments
1 ping
Skip to comment form
whitespace… 13245678910, facepalm (((
Dear Leet Mores, write, please, how you solve fist web task “TONA”. Very intresting =)
Author
We solved it exactly as in this nice writeup by 0sec ;)
They describe it pretty well!
7-777-666-9-555-33-777
i dont now what it is
That is the name of the military satellite being used by the terrorists who are comandeering the drone.
7-777-666-9-555-33-777
What does that mean?
That is the name of the military satellite being used by the terrorists who are comandeering the drone.
what is the name
“>alert(1)
[…] #4 ER […]