Solution:
For this challenge nothing was given in the prompt but in the previous page if you read the rules, the flag format was given which is basically the flag for the first question.
The highlighted in the last image is the required flag.
You either run from things or you face them, Mr. White.
++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>>++.++++++.-----------.++++++.++++++++++++++++++++.-----------------.-----.++++++++++++++..----------.----.+++++++++++.-------.+++++.---.++.------------.+++++++++++++.++++++++.-------------.-------.+++.++++++++++++++.++++++++++.
Solution:
This question comes under the cryptography section. On analysing the given cipher it turned out to be a "Brainfuck" code and on executing it we get the following:
The highlighted text on the left is the required flag.
While entering her office in MI6 HeadQuarters, Q seemed a bit agitated. "Bond is Missing", he sent out a file for you. Moneypenny handed over a usb with a message from 007 that read: "I assume cracking is your forte.Right? " and an audio file. As a cyber forensic expert in MI6, you are required to find the message 007 sent out.
Solution:
This is a question that comes under the steganography section. The question comes with a `WAVE audio file`.For this question I have used a tool named stegseek along with the rockyou.txt wordlist.
The output got saved into a bond.wav.out text file which when displayed we get a cipher text. On decoding it we get the flag like so:
The highlighted text on the left hand side is the required flag.
Kerckhoffs' principle did not stop him, nor should it stop you.
fmcj{xmkuivotewcwqefxm}
(Submit it according to the flag format. All in lowercase.)
Solution:
This question comes under the cryptography section and the given is a cipher: `fmcj{xmkuivotewcwqefxm}`On analysing it we find it to be a Trihemius cipher. Let’s decode it:
The highlighted text is the flag except it’s not in the flag format. After converting it to the correct format (also mentioned lowercase) we get the flag.
Many usernames and their passwords of Saintgits got leaked on the darknet!!! Being the Cybersecurity Engineer of the firm you found out that only THREE users have root level access. Find them out and grab your flag.
Solution:
The challenge asks us to find three users that have root level access. Users with Root level access are also called admins. So searching the entire file for admins leaves us with 3 users:
After decoding the MD5 of the three admins, we get 3 parts of the flag:
Combining the three of them we get the whole flag:
Some of your friends from Anbu Black Ops are seriously injured while undergoing a top-secret mission. An audio file was the only clue they left behind before they went unconscious. You, being a shinobi, must find out the message and rescue your village from any danger. Remember: "a ShinObi must read the hiddeN meanIngs within hidden meanings with Courage".
Solution:
This question comes under the category of steganography.The question has provided us with an audio file. For visualising it, open it in a software such as Audacity or Sonic Visualiser. I am using Sonic Visualiser here:
After opening it add a spectrogram for the audio by going to Pane -> Add spectrogram -> Mix by audio-joiner.com: All channels Mixed
Now move through the audio till you reach the end. At the end you will find the flag (might have to zoom to get it clearly).
Elliot Alderson, a world renowned white hat hacker is the person who created this website for a firm and he is your best friend.He was attacked last night and the last thing he did was to send you this message:-”Expose the files to police!!! "Look where I don't want people to look”.
Solution:
This is a challenge which comes under the category of web exploitation. If we visit the link given below we reach this page:
After inspecting the page we found nothing on index.html
The next type of web exploitation questions come where there may be hidden directories/files (paths) inside the main URL (the most common being robots.txt). Hence on adding robots.txt to the given URL like so:
We get to the following page:
Visit the given link (next to Disallow). Don’t include the ‘/’ before the link as it’ll search for those inside your computer. So on visiting the given URL you’ll be taken to the following page:
Seems like a base64 so let’s decode it:
The result (highlighted on the left) again seems to be a cipher. On checking it seems like it is a ROT13 cipher. Let’s decode it again:
The result of that (highlighted on the left) is the required flag
You feel incomplete after the first examination.You know that Elliot is the person who gives out evidence with full proof and he is giving you a hint at plain sight. But this time he didn’t provide any hints. How about you direct to them right away?
Solution:
This challenge also comes under the category of web exploitation except it’s not a simple `robots.txt` file this time. There are actually some other `hidden directories` (or folders) inside it. To find them I used a tool known as DirBuster`.
This would be the main site and the following shown is the tool known as DirBuster.
It is a Java based application and hence you would need Java to be installed on your system as well. The way this works is we give the target URL to the first field and a wordlist to the second field. We can change the other options according to our system but I won’t be doing that here.
From the Results- view tree tab we can see that there are two directories - images and icons inside the main URL. Adding one of them (in this case images) to the main URL like so:
Take us to this page:
next step is to go through the files in that specific directory.
On opening this fishy.svg file we get this QR code. On scanning it we get the following:
Seems like a base64 so let’s decode it.
The highlighted text is the required flag.
Monkey D Luffy, a great pirate from a new era is starting a voyage to find the great treasure. Help him across his journey as his crewmate to find the treasure.
Solution:
This question comes under the category of `OSINT` (Open Source Intelligence). The following is the image the question has provided:
If we carefully observe the image we can see a github logo with the username vandressenen. Hence opening up the github account with the given username takes use to this repo:
The repo contains the following files:
On checking all the files this is the content of private_token.txt file:
The third line is a JWT and hence after decoding it we get the following:
It contains the first half of the flag and also two clues.
The first clue is Monkey D Luffy (the character shown in the picture) and the second is Wikipedia.
Nothing interesting on the main page.
But if we go to view history and see the changes we can see an edit made by the same person in the GitHub repo.
Here we can see that the edit made was the second part of the flag.
Combining both the parts of the flag, we get the final flag:
The surroundings are bizarre and chilly. The boy woke up in limbo and is desperately searching for his sister in tears. Help him out to escape from this state of limbo and find his sister. Now remember: "There are dangers ahead....The true way can be explored when you have the courage to look deep inside your fears".
Solution:
This question comes under the steganography section. We are provided with an image from the game called Limbo:
The given file is in .tif format. Converting it to a .png format gives us 7 additional images other than the original:
After inspecting each image we find the flag in one of the images:
