circusmonkey404's Security Site

PicoCTF2018 Forensics Forensics Warmup 2 Objective: Hmm for some reason I can't open this PNG [1] ? Any ideas? Solution: Downloaded the file, its name is flag.png, try to open in in GUI and it gives an error lets run file against it and see what kind of file it might be @kali:~/Downloads$ file flag.png flag.png: JPEG image data, JFIF standard 1.01, resolution (DPI), density 75x75, segment length 16, baseline, precision 8, 909x190, components 3 ok lets change the extension to jpg @kali:~/Downloads$ cp flag.png flag.jpg now we can open it in the GUI picoCTF{extensions_are_a_lie}

PicoCTF2018 Forensics Forensics Warmup Objective: Can you unzip this file [1]  for me and retreive the flag? Solution: So this one is just a zip file, unzip it and you get a jpg of the flag picoctf{welcome_to_forensics}

picoCTF2018 Miscellaneous Absolutely-relative Objective: In a filesystem, everything is relative ¯\_(ツ)_/¯. Can you find a way to get a flag from this program [1] ? You can find it in /problems/absolutely-relative_2_69862edfe341b57b6ed2c62c7107daee on the shell server. Source [2] . Here is the program we need to retrieve the flag #include <stdio.h> #include <string.h> #define yes_len 3 const char *yes = "yes"; int main() {     char flag[99];     char permission[10];     int i;     FILE * file;     file = fopen("/problems/absolutely-relative_2_69862edfe341b57b6ed2c62c7107daee/flag.txt" , "r");     if (file) {      while (fscanf(file, "%s", flag)!=EOF)      fclose(file);     }     file = fopen( "./permission.txt" , "r");     if (file) {      for (i = 0; i < 5; i++){             fscanf(file, "%s", permission);         }         permission[5] = '\0';         fcl

PicoCTF2018 Cryptography RSA-Madlibs Objective : We ran into some weird puzzles we think may mean something, can you help me solve one? Connect with nc 2018shell.picoctf.com 50652 Solution : Hello, Welcome to RSA Madlibs Keeping young children entertained, since, well, nev3r Tell us how to fill in the blanks, or if it's even possible to do so Everything, input and output, is decimal, not hex #### NEW MADLIB #### q : 93187 p : 94603 ##### WE'RE GONNA NEED THE FOLLOWING #### n IS THIS POSSIBLE and FEASIBLE? (Y/N):y This is possible because n = pq so we just simply multiply the numbers to get q #### TIME TO FILL IN THE MADLIB! ### n: 8815769761 YAHHH! That one was a great madlib!!! #### NEW MADLIB #### p : 81203 n : 6315400919 ##### WE'RE GONNA NEED THE FOLLOWING #### q IS THIS POSSIBLE and FEASIBLE? (Y/N):y This is also possible since n=pq  transitively we know that q=n/p #### TIME TO FILL IN THE MADLIB! ### q: 77773 YAHHH! That one was

PicoCTF2018 Cryptography caesar cipher 2 Objective: Can you help us decrypt this message [1] ? We believe it is a form of a caesar cipher. You can find the ciphertext in /problems/caesar-cipher-2_0_372a62ea0204b948793a2b1b3aeacaaa on the shell server. Hint: (1) You'll have figure out the correct alphabet that was used to encrypt the ciphertext from the ascii character set (2) <a href="https://www.asciitable.com/">ASCII<a> Table Solution: Here is the output for the nc session  ^WQ]1B4iQ/SaO@M1W>V3`AMXcABMO@3\BMa3QC`3k Solution: So I assume this is a shift but on ASCII instead of the alphabet This site can decrypt these for us https://www.dcode.fr/ascii-shift-cipher shift 110 picoCTF{cAesaR_CiPhErS_juST_aREnT_sEcUrE}

PicoCTF2018  Cryptography  hertz 2 Objective: This flag has been encrypted with some kind of cipher, can you decrypt it? Connect with nc 2018shell.picoctf.com 12521. got this as the result of the nc Let's decode this now! Yws deruo caign pib qekvh ifsa yws ljzm tix. R ujn'y cslrsfs ywrh rh heuw jn sjhm vaiclsk rn Vrui. Ry'h jlkihy jh rp R hilfst j vaiclsk jlasjtm! Iojm, prns. Wsas'h yws pljx: vruiUYP{hechyryeyrin_urvwsah_jas_yii_sjhm_xknrcraynf} the hint says "These kinds of problems are solved with a frequency that metric some analysis" Solution: so let's use letter frequency to try and crack it, some super high level analysis I don't see any double letters that would be like OO in English but we can borrow some logic from the enigma crack, just like every message the Germans were sending ended with Heil Hitler, we know the format of the flag the flag always starts with picoCTF so we can be fairly certain that the letters  vruiUYP

PicoCTF2018  Cryptography  blaise's cipher Objective: My buddy Blaise told me he learned about this cool cipher invented by a guy also named Blaise! Can you figure out what it says? Connect with nc 2018shell.picoctf.com 46966. Solution: So a google search of blaise cipher brought up links to a Vigenere cipher created by Blaise Vigenere. It looks like this is more advanced Cesar cipher with a variable rotation based on a key word This site is a decoder for these ciphers https://www.dcode.fr/vigenere-cipher here is the output of connecting via nc Encrypted message: Yse lncsz bplr-izcarpnzjo dkxnroueius zf g uzlefwpnfmeznn cousex bls ltcmaqltki my Rjzn Hfetoxea Gqmexyt axtfnj 1467 fyd axpd g rptgq nivmpr jndc zt dwoynh hjewkjy cousex fwpnfmezx. Llhjcto'x dyyypm uswy ybttimpd gqahggpty fqtkw debjcar bzrjx, lnj xhizhsey bprk nydohltki my cwttosr tnj wezypr uk ehk hzrxjdpusoitl llvmlbky tn zmp cousexypxz. Qltkw, tn 1508, Ptsatsps Zwttnjxiax, tn nnd wuwv Puqtgxfahof