UMDCTF 2020
UMDCTF 2020 is hosted by the University of Maryland Cyber Security Club. Date: Saturday, April 18th 2020, 10:00 AM EDT - Sunday April 19th 2020, 10:00 AM EDT.
Misc
-
Oh hi nyan: Googling matt2r2, we find the flag here https://www.reddit.com/user/matt2r2/comments/g23kk6/colors/
-
MemeCTF: “I wish I was better at OSINT :( 9012389aad4eb9be53d225c4bbe72098ebdb37b97a52893171ff1bce0d40f383”. Searching this number, we find https://github.com/UMD-CSEC/hmm. There are 3 commits, this one has the flag.
-
Flagthief: The pic shows a barcode, googling “barcode little lines” we find: Intelligent Mail barcode. And decoding and using this reference, we get a big number. This number is modified to get a decimal format (72 90 81 80 71 83 45 123 70 117 117 117 125) and then, we convert it to ASCII (FLAG).
-
Chocolate: The audio is a keypad sound. We need to use a DMTF Detection Tool and then convert the result using the phone keypad cipher.
Web
-
CSEC Invasion: view-source:https://csec.umd.edu/ -> Flag.
-
CSEC Invasion - 2: https://csec.umd.edu/robots.txt -> Flag.
-
CSEC Invasion -3: view-source:https://csec.umd.edu/ -> https://csec.umd.edu/manifest.json -> Flag.
Reverse Engineering
- Easy Money: Use strings command and decode the base64 part.
Steganography:
- Colors: Using “steghide extract -sf colors.jpg” we see that we need a psw, so we use the brute force steghide tool: “python steg_brute.py -b -d dic.txt -f colors.jpg”, and a file txt appears with the flag.
- Zero Cool: we get a gif and one of the frames has a QR with the flag.
- Crash Confusion: use stego and decode it with base64.
- Cool coin:
zsteg -a coolcoin.png | grep 'UMD'Forensics:
- Jarred-1:
python vol.py --info | grep lubuntu python vol.py -f lubuntu-Snapshot2.vmem --profile=Linuxlubuntux64 linux_bash //shows the command: echo -n "VU1EQ1RGLXtKYXJyZWRfU2gwdWxEX0hhVjNfTDBjazNkX0gxc19DT21wdTdlcn0=" | base64 -d | sha256sum
Crypto
- Baby’s First Crypto: Use ROT13
- Low Effort Required:
from Crypto.Util.number import *
import gmpy
c = //value
e = //value
m = gmpy.root(c,e)[0]
flag = long_to_bytes(m)
print flag
- Padme Twice: Combine the two images with stegsolve.
- Fragile Foundations:
cat ciphertext | base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode| base64 --decode UMDCTF-{b@se64_15_my_f@v0r1t3_b@s3}
