circusmonkey404's Security Site

RingZer0CTF   - Cryptography – Martian Message part 2 Objective: I think that's the key "fselkladfklklakl" KDERE2UNX1W1H96GYQNUSQT1KPGB Solution: So we have the key and the encrypted message we just need to figure out what kind of encryption was used to get the key I used this website with their Vigenere cipher to decode it https://www.dcode.fr/vigenere-cipher FLAGU2JNU1R1X96VOFNKHLB1GEWQ

RingZer0 – Cryptography – Fashion Victim Objective: Get the flag Solution: On this page we see a picture of a on old apple computer with the tag of The New Apple TV across the top, with snow playing on the screen The source for the page is pretty basic, just loading a background image and the gif of snow. <!DOCTYPE html> <html> <head> <title>The new Apple TV</title> </head> <body> <style type="text/css"> body { background-color: #5c3302; } h1 { color: white; } .tv { position: relative; margin: auto; margin-top: 20px; width: 471px; height: 616px; background-image: url(/images/mac.png); } .screen { width: 322px; height: 237px; position: absolute; left: 72px; top: 80px; } </style> <center><h1>The new Apple TV</h1></center>

RingZero CTF - Forensics – Public Key Recovery Objective: Get the public key given the private key -----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQDwkrxVrZ+KCl1cX27SHDI7EfgnFJZ0qTHUD6uEeSoZsiVkcu0/ XOPbz1RtpK7xxpKMSnH6uDc5On1IEw3A127wW4Y3Lqqwcuhgypd3Sf/bH3z4tC25 eqr5gA1sCwSaEw+yBxdnElBNOXxOQsST7aZGDyIUtmpouI1IXqxjrDx2SQIDAQAB AoGBAOwd6PFitnpiz90w4XEhMX/elCOvRjh8M6bCNoKP9W1A9whO8GJHRnDgXio6 /2XXktBU5OfCVJk7uei6or4J9BvXRxQpn1GvOYRwwQa9E54GS0Yu1XxTPtnBlqKZ KRbmVNpv7eZyZfYG+V+/f53cgu6M4U3SE+9VTlggfZ8iSqGBAkEA/XvFz7Nb7mIC qzQpNmpKeN4PBVRJBXqHTj0FcqQ5POZTX6scgE3LrxVKSICmm6ungenPXQrdEQ27 yNQsfASFGQJBAPL2JsjakvTVUIe2JyP99CxF5WuK2e0y6N2sU3n9t0lde9DRFs1r mhbIyIGZ0fIkuwZSOqVGb0K4W1KWypCd8LECQQCRKIIc8R9iIepZVGONb8z57mA3 sw6l/obhfPxTrEvC3js8e+a0atiLiOujHVlLqD8inFxNcd0q2OyCk05uLsBxAkEA vWkRC3z7HExAn8xt7y1Ickt7c7+n7bfGuyphWbVmcpeis0SOVk8QrbqSNhdJCVGB TIhGmBq1GnrHFzffa6b1wQJAR7d8hFRtp7uFx5GFFEpFIJvs/SlnXPvOIBmzBvjU yGglag8za2A8ArHZwA1jXcFPawuJEmeZWo+5/MWp0j+yzQ== -----END RSA PRIVA

RingZero CTF - Forensics – File Recovery Objective: This problem is a tar file Get the key Solution: Download the tar file Untar it We get two files in here a file name flag.enc and a file called private.pem This is what’s in the flag.enc file ” RøµìZ_ÝÎb0 ž ~ “ ñ This is what’s in the private.pem -----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQDFDxrLz/lBabo/JrRvKN47IRzUgm/LzG9zbn3g8HMnPIpy4ZOF fhjblvb8iNeFMbUIDAT2QmsqDRJhHH7xUVfC6DiYB3YuKJC/RBIHzqlBsxWXI5DF ikyS3yT6ThQap3JZEKE7fVXHHJmea4VrsRVhWG6ztoPYf+OfiMyzj0IV3QIDAQAB AoGAX1QnSmGZ2yMijlpS/1Nt7nzeTY+sNZL4d4cELkUj799BusGVdAbET7aAVTp9 yFl7kiD+ZYNMBFO+iGwYnPUU1sPSlFcS1YNu2S+4ds2ym1VfZu2drTN5qUIGIm22 2mgyOG1CSx421Ns4X5qIexkQ1gOnqaBuD7Mi3D19c5mK66ECQQDlt99Jcw7Jh1Gd TMy8cQ7EBI82YPedRP5SnAv0/sCIgcsBmbABO6WwCeS1BVjoicf+pPmIy3YkyiyO 8JIa9GJLAkEA25qwREClnm+2qIBRLal+pG8t7xZlEya+HrlX3ogThf/9GybfImzK ZQagbom3sDmRTeu6PhDhu4XZS7D4gfIPdwJANlDrsupJrM0aNx9ZqZTx8NdDJZB3 +++8Urwi96Lk02IdJhu4y

RingZero CTF - Forensics - I Love cat Objective: I love cat! Do you? User: cat Password: cat ssh challenges.ringzer0team.com port 10252 Solution: So let's start up and SSH to challenges.ringzer0team.com on port 10252 Login as            cat pass                  cat Lets start by seeing what is in our directory cat@lxc-forensics-252:~$ ls commands  flag.txt is it as easy as just catting the flag.txt file? cat@lxc-forensics-252:~$ cat flag.txt **************************** WHERE IS THE FLAG ? **************************** Nope lets see what else is in the directory cat@lxc-forensics-252:~$ ls -al total 20 drwxr-xr-x 3 root root 4096 Jul 17 18:36 . drwxr-xr-x 3 root root 4096 Jul 17 18:23 .. -rw-r--r-- 1 root root  221 Jul 17 18:30 .bash_profile drwxr-xr-x 2 cat  cat  4096 Jul 17 18:25 commands -rw-r--r-- 1 root root  116 Jul 17 18:36 flag.txt a directory name commands cat@lxc-forensics-252:~$ cd commands/ -rbas

RingZero CTF - Forensics -  Who am I part 2 Objective: I'm the proud owner of this website. Can you verify that? Solution: Well it took me a bit to figure this one out. I tried looking at the whois records for ringzer0ctf.com I tired looking at the DNS records for the site. I even looked in the Certificate for the site. Then I thought a little be more about the question. It's not asking how I can verify who own the site. It wants me to verify the owner themselves. Luckily at the bottom the page we see who is listed as on the twittter feeds @ringzer0CTF and @ MrUnik0d3r lets check if we can find the PGP for MrUniK0d3r online. I googled PGP and MrUn1k0d3r The very first result is his PGP  keybase.txt with his PGP at the bottom of the file is the flag FLAG-7A7i0V2438xL95z2X2Z321p30D8T433Z

RingZero CTF - Cyptography - Your're Drunk Problem: Ayowe awxewr nwaalfw die tiy rgw fklf ua xgixiklrw! Tiy lew qwkxinw. Solution: So just looking at this one it looks like its formatted as a sentence. There is spacing between words, punctuation and capitalization. At fist I thought Cesar cipher, but I ran through some shifts and none of them came back with english words. So then I though substitution cipher. We know from frequency analysis of the English language some good starting points. The most common letter would be "E" The most common double letters would be "OO", "EE" and"SS"  so let start with that and see what we can come up with This site is a great resource for some of the assumptions I'm making here ( http://practicalcryptography.com/ciphers/monoalphabetic-substitution-category/simple-substitution/ ) I used this website to count the letter frequency for me ( https://www.dcode.fr/frequency-analysis )